scispace - formally typeset
Search or ask a question

What are the key steps in developing an ontology-based internal audit framework? 

Ontology-based data integration
Suggested Upper Merged Ontology
Upper ontology
Ontology Inference Layer
Process ontology
Best insight from top research papers

Developing an ontology-based internal audit framework involves several key steps. Firstly, it is essential to address privacy compliance through a "privacy by design" approach, utilizing semantic modelling and reasoning layers to integrate context information for effective compliance checking during audit trials . Secondly, the design and implementation of smart contracts should incorporate ontology engineering and model-driven engineering to ensure critical validity aspects are explicitly represented, facilitating audit through a clear separation of concerns . Additionally, automated compliance auditing solutions using ontology-based information models can verify adherence to regulatory standards, such as in the banking sector, streamlining the audit process and identifying discrepancies between security standards and actual practices . Lastly, enhancing and populating a compliance ontology through information extraction from existing GRC systems can facilitate semantic interoperability, reducing complexity and redundancy in compliance monitoring for enterprises .

Answers from top 5 papers

More filters
Papers (5)Insight
Proceedings ArticleDOI
Information audit based on ontology
Francisco Santana Guimaraes, Carlos Pampulim Caldeira, Paulo Quaresma 
17 Jun 2015
3 Citations
Key steps in developing an ontology-based internal audit framework involve utilizing Ontology Learning for semi-automation, creating OWL representations, and employing natural language for concept interpretation and semantic understanding.
Proceedings ArticleDOI
An ontology based framework to support multi-standard compliance for an enterprise
Danny C. Cheng, Nathalie Rose Lim-Cheng 
01 Jul 2017
6 Citations
Enhancing compliance ontology through information extraction from a GRC system is crucial for semantic interoperability, reducing redundancy, and streamlining compliance monitoring in enterprises.
Open accessProceedings Article
Development of Ontology Based Framework for Information Security Standardss
Partha Saha, Ambuj Mahanti, Binay Bhushan Chakraborty, Avinash Navlani 
24 Mar 2013
2 Citations
Key steps in developing an ontology-based internal audit framework include establishing risk management context, identifying risky events, formulating risk responses, and monitoring risk action plans.
Open accessJournal Article
An ontology-based compliance audit framework for medical data sharing across Europe
Hanene Boussi Rahmouni, Kamran Munir, Intidhar Essefi, Marco Casassa Mont, Tony Solomonides 
15 Oct 2020-The International Arab Journal of Information Technology
1 Citations
Key steps in developing an ontology-based internal audit framework include semantic modelling, integrating context information, and implementing a semantic reasoning layer for compliance verification in healthcare data sharing.
Book ChapterDOI
Ontology-Driven Audit Using the REA-Ontology
Graham Gal, Monique Snoeck, Wim Laurier 
28 Jun 2021
Utilize ontology engineering and model-driven engineering to design and implement smart contracts, ensuring critical validity aspects are represented for auditability in the REA ontology framework.

Related Questions

What is internal audit?4 answersInternal audit is a crucial process within organizations, serving as a systematic and independent evaluation of operations to ensure compliance, risk management, and governance effectiveness. It plays a significant role in enhancing the quality management system, improving performance, and protecting against risks such as fraud and non-compliance. The efficiency, productivity, and cost-effectiveness of internal audit systems are key criteria for its quality and effectiveness. Internal audit not only provides assurance on the organization's activities but also offers valuable recommendations for improvement, contributing to the entity's competitiveness and value addition. Furthermore, internal audit functions involve assessing asset control, policy compliance, risk analysis, and decision-making to drive company development.
What does ontology internal audit?5 answersOntology plays a crucial role in enhancing internal audit processes by providing a structured framework for capturing, analyzing, and evaluating organizational information assets. It aids in capturing the structure and semantic of information, enabling a more comprehensive data capture process for audits. Additionally, ontology-driven decision support systems are proposed for management system audits, helping auditors verify the consistency of individual management systems with established standards. Furthermore, utilizing ontologies to represent knowledge audit results facilitates the identification of inefficiencies, knowledge gaps, and barriers, enabling better knowledge management initiatives and reuse of audit outcomes when technological solutions are required. Overall, ontology contributes significantly to improving the effectiveness, efficiency, and accuracy of internal audit processes within organizations.
How to Internal Audit by ontology ?5 answersInternal audit processes can benefit from utilizing ontology to enhance their effectiveness. Ontology can help in structuring and capturing critical validity aspects of audit reports, facilitating the assessment and management of audit processes. By incorporating ontology into the audit framework, it becomes easier to assess the consistency of rules and behaviors within an organization, leading to more accurate audit reports. Additionally, ontology can aid in the verification of compliance with legal privacy requirements in multi-jurisdictional health domains, ensuring that privacy obligations are explicitly captured and checked during audit trials. Overall, integrating ontology into internal audit processes can improve the quality, accuracy, and effectiveness of audits by providing a structured approach to handling critical aspects and verifying compliance with regulations.
How to apply ontology for internal audit based on ISO27001?5 answersTo apply ontology for internal audit based on ISO27001, a modeling approach leveraging a double-layered ontology can be utilized. This approach involves a high-level ontology for complex domain relations and a low-level ontology specific to the ISO 27000 family of standards. By incorporating ontology engineering and model-driven engineering, critical validity aspects of smart contracts can be explicitly represented, ensuring faithful implementation of validity checks. Additionally, semantic modeling and reasoning layers can be employed to integrate fine-grained context information for privacy compliance verification in healthcare domains. Furthermore, a multi-model data abstraction layer can be implemented to combine fast storage engines with ontology-based data management tools, enabling efficient data representation and querying while applying constraints and rules.
How to apply ontology for internal audit?5 answersTo apply ontology for internal audit, one can leverage semantic modeling and reasoning techniques to facilitate compliance verification and fraud detection. By utilizing ontology-based frameworks, such as the REA ontology for representing critical validity aspects of contracts or financial indicators for fraud detection, organizations can enhance the audit process by ensuring explicit representation of legal requirements and detecting misstatement accounts at a fine-grained level. These frameworks enable auditors to analyze past data processing events, verify compliance with legal obligations, and provide logical explanations and risk warnings at the account level, thus improving the efficiency and effectiveness of internal audits.
Can the use of ontologies help identify potential risks and vulnerabilities within an organization's internal controls?5 answersYes, the use of ontologies can significantly aid in identifying potential risks and vulnerabilities within an organization's internal controls. Ontologies provide a structured representation of knowledge about attacks, vulnerabilities, and cyber threats, enabling security analysts to detect and mitigate risks effectively. By leveraging formal ontology definitions, automated methods like OnToRisk can integrate information from various sources to frame cybersecurity threats and provide insights into organizational risks, thus facilitating the systematic identification of new risks as they emerge. This approach streamlines the process of risk identification by automating aspects of cybersecurity risk assessment, allowing organizations to proactively manage their cybersecurity posture and prevent the spread of attacks within their systems.

See what other people are reading

What problems are associated with semantics of onyms?
5 answers
The problems associated with the semantics of onyms include underspecification, multiple interpretations, and inadequacy in representing the richness of relations in problem domains. Additionally, the dominating onomastic view lacks consideration of semiotics, highlighting the need for a triple model of onymic semantics based on Ogden–Richards’ semiotic triangle. Furthermore, in the context of text mining, understanding the exact semantics of terms is hindered by homonym and synonym problems, which traditional thesauri struggle to resolve. These issues emphasize the importance of precise semantics in various domains, such as ontology construction, linguistic resources development, and text analysis, to avoid ambiguity and enhance the quality of results.What are the key components of a requirements analysis in capstone and thesis archiving?
5 answers
Requirements analysis in capstone and thesis archiving involves crucial steps to ensure project success. Firstly, it is essential to elicit complete, consistent, and unambiguous requirements. This process often involves multiple stakeholders and requires transitioning from informal to formal requirements, which can be challenging due to the inherent vagueness and ambiguities in natural language documents. Additionally, the use of prototypes and data dictionaries can be a more effective means of communicating with users and accurately eliciting requirements. Furthermore, tracking the evolution of requirements throughout the project is vital, as changes in requirements can impact the level of detail in the final solution. Overall, a user-centered approach, involving various methods like literature analysis, focus group interviews, and expert interviews, is crucial for identifying and analyzing requirements in capstone and thesis archiving projects.What is cultural knowledge?
5 answers
Cultural knowledge encompasses understanding cultural and religious differences, customs, and habits of various social groups, enabling effective interaction and care in diverse environments. It influences how individuals interpret health experiences and risk factors, shaping their perceptions and behaviors. Moreover, cultural knowledge is pivotal in initiatives like the Cultural Knowledge Park, emphasizing education and knowledge dissemination within societies. In professional settings, such as business interactions, cultural knowledge plays a crucial role in managing interactions and relationships, aiding in language proficiency, work culture comprehension, and effective communication. Additionally, ontologies are utilized to formalize and preserve cultural knowledge, ensuring its dissemination and reuse across different contexts, thereby enhancing understanding and information management in the cultural domain.What's a good paper on alexa siri being unaware of context?
5 answers
A relevant paper addressing the limitation of general information and lack of context awareness in question answering systems like Alexa and Google Assistant is "Context-QA" by Jorgensen et al. This paper introduces a context-aware QA framework called Context-QA, which significantly improves answer quality by up to 49% and reduces search time by up to 56% compared to conventional QA models. Additionally, the concept of context awareness in ambient intelligence, as discussed in Traynor et al., emphasizes the importance of creating electronic environments that foster seamless human-computer interaction through context-aware systems. These papers collectively highlight the significance of context awareness in enhancing user experiences and the efficiency of intelligent systems like personal assistants.What constitutes “reality” and “natural-ness” of a taxon?
5 answers
The "reality" and "natural-ness" of a taxon are complex concepts in biology. The reality of a taxon is questioned due to the plurality of interpretations regarding its essence, leading to ontological issues. Biologists debate whether taxa are inventions of the mind or actual entities in the world, with some viewing taxonomizing as a discovery process. The naturalness of taxa is linked to the idea of "natural kinds," which are cuts in nature that represent its true structure and causal laws. Additionally, the evolutionarily real unit in taxonomy is a topic of discussion, with some considering species and others genera as more natural units. Understanding the naturalness and reality of taxa is crucial for taxonomy and evolutionary studies.How will the ontology of learning change in the era of generative AI?
5 answers
In the era of generative AI, the ontology of learning is expected to evolve significantly. Ontologies need to be adaptable to handle evolution, revision, and refinement. A foundational and generative ontology based on graph structures can provide a formal language for ontological concepts. To efficiently expand learned concepts to new domains, a computational model can couple new forms of concepts with past forms in an embedding space, enabling continual learning. Automatic adaptation methods are crucial for relieving ontology engineers from manual interventions, allowing them to focus on high-level inspection. Additionally, learning ontological concepts from text can support continual mutual bootstrapping of learners and semantic analyzers, addressing knowledge acquisition bottlenecks in AI. These advancements suggest that the ontology of learning will become more dynamic, adaptive, and efficient in the era of generative AI.What is insight?
5 answers
Insight is a multi-dimensional construct that involves understanding one's mental illness, recognizing symptoms, and acknowledging the benefits of adhering to treatment. It is not only crucial in psychotic disorders like schizophrenia but also relevant across various mental health conditions, impacting prognosis, treatment outcomes, and social functioning. Insight encompasses cognitive functions, such as metacognition and self-awareness, allowing individuals to comprehend the motivations behind their thoughts and behaviors. In the realm of healthcare informatics, platforms like Insight leverage Semantic Web technologies to analyze healthcare data for neurology research, utilizing provenance metadata and ontology reasoning to create patient cohorts based on research study origins and expand query expressions for cohort queries.How to preserve coltural dance?
5 answers
To preserve cultural dance, a comprehensive approach involving the digitization of performances and background knowledge is crucial. Utilizing an ontology-based method, such as the Multimedia Web Ontology Language (MOWL), can effectively capture and encode the domain knowledge related to dance performances. Additionally, incorporating technologies like gyroscopes and accelerometers to record intricate movements can aid in preserving the unique characteristics of traditional dances, as seen in the preservation efforts of Korean traditional music and dance. Furthermore, establishing choreographic trusts can play a significant role in managing and preserving a choreographer's dance legacy, ensuring proper licensing, restaging of works, and long-term preservation programs. By combining these strategies, including digital preservation, technological advancements, and legal frameworks, the rich heritage of cultural dance can be effectively safeguarded for future generations.Why is the ontology of a study important?
5 answers
The ontology of a study is crucial due to its role in representing knowledge, facilitating information exchange, and enhancing data organization across various domains. Ontologies provide clarity, consistency, and the ability to link information from different sources, making them valuable in fields like biological science, data science, and behavioral science. In the context of smart healthcare in university campuses, ontologies help solve semantic interoperability issues, enabling intelligent recommendations and seamless data integration between different systems. Moreover, in domains like data mining, ontology assists in organizing and classifying objects to maximize new knowledge and improve the data mining process results, showcasing its significance in enhancing research outcomes and knowledge management.Drawbacks using protogee for ontology development?
4 answers
Using Protégé for ontology development presents several drawbacks. Firstly, ontology development is often a time-consuming and confusing process, especially for beginners, as they struggle with choosing classes, properties, and axioms, along with issues of modularity and reusability. Additionally, the centralized top-down development approach by a few knowledge engineers can lead to a disproportional role for developers compared to domain experts and end-users, hindering effective collaboration. Furthermore, while Protégé is effective for structured and formal ontologies, it may not be suitable for domains requiring exploration and communication of ideas through prototyping approaches. These limitations highlight the need for tools that support collaborative ontology development, discussions, and annotations to enhance the efficiency and effectiveness of the ontology development process.How does data inconsistency affect the accuracy and reliability of product information in PLM systems?
5 answers
Data inconsistency in Product Lifecycle Management (PLM) systems can significantly impact the accuracy and reliability of product information. Inconsistencies arise from various sources like heterogeneous data, conflicting data, and manual data management processes. These inconsistencies lead to inaccurate results, poor decision-making, and difficulties in integrating different engineering domains. In the context of manufacturing industries, data inconsistencies in production feedback data can result in low adherence to planned delivery dates, affecting scheduling processes. Implementing trace algorithms, PLM systems, and cloud-based traceability solutions can help mitigate data inconsistencies and improve the quality of information integration in complex supply chains. Ontologies play a crucial role in managing data inconsistencies by providing a common knowledge structure accessible to all actors involved in the product lifecycle, enhancing decision-making and time efficiency.