DocumentCode :
3203816
Title :
IT Governance, Risk & Compliance (GRC) Status Quo and Integration: An Explorative Industry Case Study
Author :
Racz, Nicolas ; Weippl, Edgar ; Bonazzi, Riccardo
Author_Institution :
Inst. of Software Technol. & Interactive Syst., Tech. Univ. Vienna, Vienna, Austria
fYear :
2011
fDate :
4-9 July 2011
Firstpage :
429
Lastpage :
436
Abstract :
The integration of governance, risk, and compliance (GRC) activities has gained importance over the last years. This paper presents an analysis of the GRC integration efforts in information technology departments of three large enterprises. Action design research is used to organize the research in order to assess IT GRC activities based on a model with five dimensions. By means of semi-structured interviews, key findings concerning the status quo of the three IT GRC disciplines, their integration and their relation to GRC on the corporate level are identified and rated. Five key findings explain the main commonalities and differences observed.
Keywords :
DP management; information technology; risk management; GRC integration; IT GRC activities; IT compliance; IT governance; IT risk; information technology;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Services (SERVICES), 2011 IEEE World Congress on
Conference_Location :
Washington, DC
Print_ISBN :
978-1-4577-0879-4
Electronic_ISBN :
978-0-7695-4461-8
Type :
conf
DOI :
10.1109/SERVICES.2011.78
Filename :
6012770