The article Realizing Trustworthy Business Services Through a New GRC Approach authored by Yudistira Asnar, Hoon Wei Lim, Fabio Massacci and Claire Worledge describes the MASTER methodology used to implement GRC on service-oriented business environments.  

The MASTER methodology contributes to GRC bringing a new approach to implement controls at the service/business process level. This approach is aligned with the abstract interface of SOA, and it improves the flexibility of control process improvement without affecting the business process. A critical aspect of SOA is support for integration and interoperability of legacy systems and applications developed by various vendors. The MASTER methodology allows one to control the execution flow of the business processes that fully exploit these critical features of SOA. Control processes can, therefore, be implemented in a distributed environment, and assurance is not limited to processes occurring within a single organization boundary.  The MASTER methodology is accompanied by IT architecture and a set of tools that support:

• Monitoring of events triggered by business services
• Analysis and assessment of business service behavior with respect to control objectives
• Automation of control enforcement 

The article was published in The ISACA Journal, Volume 6, 2009.