论文信息 - A Frame of Reference for Research of Integrated Governance, Risk and Compliance (GRC)

A Frame of Reference for Research of Integrated Governance, Risk and Compliance (GRC)

Governance, Risk and Compliance (GRC) is an emerging topic in the business and information technology world. However to this day the concept behind the acronym has neither been adequately researched, nor is there a common understanding among professionals. The research at hand provides a frame of reference for research of integrated GRC that was derived from the first scientifically grounded definition of the term. By means of a literature review the authors merge observations, an analysis of existing definitions and results from prior surveys in the derivation of a single-phrase definition. The definition is evaluated and improved through a survey among GRC professionals. Finally a frame of reference for GRC research is constructed.

[1] Scott L Mitchell,et al. GRC360: A framework to help organisations drive principled performance , 2007 .

[2] J O Drife. One in three. , 1991, BMJ.

[3] Alan R. Hevner,et al. Design Science in Information Systems Research , 2004, MIS Q..

[4] J. Mak,et al. An integration innovation , 2006 .

[5] Frederik Ahlemann,et al. Process Model for an Empiracally Grounded Reference Model Construction , 2007 .

[6] Rob Zanella. IT Governance, Risk, and Compliance , 2010 .

[7] Peter Fettke,et al. State-of-the-Art des State-of-the-Art , 2006, Wirtschaftsinf..

[8] Alexander Teubner,et al. Informationstechnologie, Governance und Compliance , 2008, Wirtschaftsinf..