Automation for Governance, Risk, and Compliance Management

摘要

Technologies are described herein for automating governance, risk, and compliance management (GRC). Through the utilization of the technologies and concepts presented herein, GRC management may be automated to thereby provide significant reduction in customization per installation or customer. Compliance management of regulations for managed entities may entail receiving a set of control objectives mapped to the regulations. A set of scopes mapped to the managed entities may be received. Harmonized test results for the control objectives may be generated. Harmonized test results may be identified for a subset of the control objectives mapped to one or more specified regulations for the managed entities within a specified one of the set of scopes. Also, a compliance report may be generated based upon the identified harmonized test results.