Governance, Risk and Compliance for Information Systems

Governance, Risk & Compliance (GRC) is an important topic in the worlds of business and technology. The dominant notion of the acronym - an integrated approach to the three disciplines of GRC - has been ignored by scientific research so far. The research presented in this book for the first time describes GRC integration from a scientific perspective. Both "GRC for IT" (known as IT GRC) and "IT for GRC" (GRC software) are analysed. From literature reviews, surveys and case studies a GRC definition and a high-level process model for integrated GRC in IT management are derived. This book provides useful, practical insights for both academics and professionals dealing with GRC.

Autorentext

Nicolas Racz holds a doctorate degree from the Vienna University of Technology (TU Vienna), where he extensively researched the integrated approach to Governance, Risk & Compliance. His academic and professional background is in information systems. After his studies Nicolas joined the strategy consultancy Arthur D. Little.

Klappentext

Governance, Risk & Compliance (GRC) is an important topic in the worlds of business and technology. The dominant notion of the acronym an integrated approach to the three disciplines of GRC has been ignored by scientific research so far. The research presented in this book for the first time describes GRC integration from a scientific perspective. Both "GRC for IT" (known as IT GRC) and "IT for GRC" (GRC software) are analysed. From literature reviews, surveys and case studies a GRC definition and a high-level process model for integrated GRC in IT management are derived. This book provides useful, practical insights for both academics and professionals dealing with GRC.