The sciences of the artificial (3rd ed.)
The sciences of the artificial (3rd ed.)
Information Integration: Conceptual Modeling and Reasoning Support
COOPIS '98 Proceedings of the 3rd IFCIS International Conference on Cooperative Information Systems
Proceedings of the 25th International Conference on Software Engineering
Using ontology to validate conceptual models
Communications of the ACM - Service-oriented computing
Design Science Research Methods and Patterns: Innovating Information and Communication Technology
Design Science Research Methods and Patterns: Innovating Information and Communication Technology
Design and natural science research on information technology
Decision Support Systems
HICSS '11 Proceedings of the 2011 44th Hawaii International Conference on System Sciences
Design science in information systems research
MIS Quarterly
A frame of reference for research of integrated governance, risk and compliance (GRC)
CMS'10 Proceedings of the 11th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security
Measures and mechanisms for process monitoring in evolving business networks
Data & Knowledge Engineering
Hi-index | 0.00 |
As integrated Governance, Risk and Compliance (GRC) becomes one of the most important business requirements in organizations, the market is incongruously struggling to satisfy organizations' needs. The absence of scientific references regarding GRC is leading to a dispersion of concepts involving this topic. Without boundaries and correct domain definition, poor implementation of GRC solutions can lead to low performances and high vulnerabilities for organizations. This paper proposes a set of high level concepts covering the GRC domain. Through literature review and framework research we propose key functions of governance, risk and compliance and their associations, resulting in a reference conceptual model for integrated GRC. The model was evaluated by comparing the GRC capability model from OCEG with a quality model evaluation framework. We concluded that the proposed model is valid and complete.