Defining and Adopting an End User Computing Policy: A Case Study
Abstract
End User Computing carries significant risks if not well controlled. This paper is a case study of the introduction of an updated End User Computing policy at the Wesleyan Assurance Society. The paper outlines the plan and identifies various challenges. The paper explains how these challenges were overcome. We wrote an End User Computing Risk Assessment Application which calculates a risk rating band based on the Complexity, Materiality and Control (or lack of it) pertaining to any given application and the basis of assessment is given in this paper. The policy uses a risk based approach for assessing and mitigating against the highest risks first and obtaining the quickest benefit.
Keywords
Cite
@article{arxiv.1909.00855,
title = {Defining and Adopting an End User Computing Policy: A Case Study},
author = {Roger Turner},
journal= {arXiv preprint arXiv:1909.00855},
year = {2020}
}
Comments
25 Pages, 12 Colour Figures. 1 Table. First presented at the EuSpRIG 2018 Conference at Imperial College, London. Revised and updated following a further presentation at the EuSpRIG 2019 Conference also at Imperial College, London