Name
Abstract | ||
|---|---|---|
Enterprises have reached to understanding that information technology (IT) is more than just a technical issue. Domains such as IT governance, risk management and compliance (GRC) have been established to steer it. Though there has been some improvements, these domains are usually considered separately, thus less business value is created due to complexity of the process flows. There has been little attempts to integrate all three aspects, however this was done using domain specific standard and not taking into account the existing state of the art. In this paper, we conduct a systematic literature review to understand the processes, roles, strategies, and technologies of IT GRC as well as their integration. Based on the results of the review, we propose an assessment framework, which could guide evaluation of the enterprise's IT GRC concerns. |
Year | DOI | Venue |
|---|---|---|
2017 | 10.1007/978-3-319-67383-7_25 | Communications in Computer and Information Science |
Keywords | Field | DocType |
Governance,Risk management,Compliance,IT GRC,Systematic review | Corporate governance,Business value,Environmental resource management,Systematic review,Information technology,Risk management,Process management,Business | Conference |
Volume | ISSN | Citations |
770 | 1865-0929 | 1 |
PageRank | References | Authors |
0.37 | 6 | 3 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Mikhel Vunk | 1 | 1 | 0.37 |
| Nicolas Mayer | 2 | 196 | 18.43 |
| Raimundas Matulevičius | 3 | 459 | 44.97 |