A Framework for Assessing Organisational IT Governance, Risk and Compliance

Cited by: 1
Authors
Vunk, Mikhel [1]
Mayer, Nicolas [2]
Matulevicius, Raimundas [1]
Affiliations
[1] Univ Tartu, Inst Comp Sci, Tartu, Estonia
[2] Luxembourg Inst Sci & Technol, 5 Ave Hauts Fourneaux, L-4362 Esch Sur Alzette, Luxembourg
Keywords
Governance; Risk management; Compliance; IT GRC; Systematic review;
DOI
10.1007/978-3-319-67383-7_25
Chinese Library Classification number
TP31 [Computer software];
Subject classification code
081202 ; 0835 ;
Abstract
Enterprises have come to understand that information technology (IT) is more than just a technical issue. Domains such as IT governance, risk management and compliance (GRC) have been established to steer it. Though there have been some improvements, these domains are usually considered separately, so less business value is created due to the complexity of the process flows. There have been few attempts to integrate all three aspects; however, this was done using a domain-specific standard and without taking into account the existing state of the art. In this paper, we conduct a systematic literature review to understand the processes, roles, strategies, and technologies of IT GRC as well as their integration. Based on the results of the review, we propose an assessment framework, which could guide evaluation of the enterprise's IT GRC concerns.
Pages: 337 - 350
Number of pages: 14
Related papers
50 in total
  • [1] Development of a Validation Method for an IT Governance, Risk and Compliance Health Care Framework
    Krey, Mike
    Furnell, Steven
    Harriehausen, Bettina
    Knoll, Matthias
    [J]. PROCEEDINGS OF THE 7TH EUROPEAN CONFERENCE ON MANAGEMENT LEADERSHIP AND GOVERNANCE, 2011, : 227 - 238
  • [2] Information technology governance framework for improving organisational performance
    Ako-Nai, Anyetei
    Singh, Anesh M.
    [J]. SOUTH AFRICAN JOURNAL OF INFORMATION MANAGEMENT, 2019, 21 (01):
  • [3] Not all risks are equal: a risk governance framework for assessing the water SDG
    Johanna Karolina Louise Koehler
    [J]. International Environmental Agreements: Politics, Law and Economics, 2023, 23 : 179 - 189
  • [4] Not all risks are equal: a risk governance framework for assessing the water SDG
    Koehler, Johanna Karolina Louise
    [J]. INTERNATIONAL ENVIRONMENTAL AGREEMENTS-POLITICS LAW AND ECONOMICS, 2023, 23 (02) : 179 - 189
  • [5] Risk governance: exploring the role of organisational culture
    Hassan, Mostafa Kamal
    Abdulkarim, Mustafa Elkasih
    Ismael, Hazem Ramadan
    [J]. JOURNAL OF ACCOUNTING AND ORGANIZATIONAL CHANGE, 2022, 18 (01) : 77 - 99
  • [6] A conceptual model and IS framework for the design and adoption of environmental compliance management systems: For special issue on governance, risk and compliance in IS
    Tom Butler
    Damien McGovern
    [J]. Information Systems Frontiers, 2012, 14 : 221 - 235
  • [7] Information Governance: Beyond Risk and Compliance
    Beijer, Peter
    Kooper, Michiel
    [J]. PROCEEDINGS OF THE 6TH EUROPEAN CONFERENCE ON MANAGEMENT LEADERSHIP AND GOVERNANCE, 2010, : 34 - 39
  • [8] Governance, Risk, and Compliance in Cloud Scenarios
    Brandis, Knud
    Dzombeta, Srdan
    Colomo-Palacios, Ricardo
    Stantchev, Vladimir
    [J]. APPLIED SCIENCES-BASEL, 2019, 9 (02):
  • [9] A framework for assessing capacity in water governance
    Zary, A.
    Bjornlund, H.
    Xu, W.
    [J]. WATER RESOURCES MANAGEMENT VIII, 2015, 196 : 329 - 340
  • [10] A framework for assessing organisational culture of Chinese construction enterprises
    Liu, Anita
    Zhang, Shuibo
    Leung, Meiyung
    [J]. ENGINEERING CONSTRUCTION AND ARCHITECTURAL MANAGEMENT, 2006, 13 (04) : 327 - +