RedirectingRedirecting GRC Resource » GRC Resource

Collected GRC publications available as book

Posted by Nicolas on Nov 30, 2011

The six first-author publications of Nicolas Racz are now available in consolidated form, including an extended introduction to GRC. The book can be purchased from Amazon [Buy from Amazon].

Research publication: GRC vendor survey presented at ACIS 2010

Posted by Nicolas on Dec 25, 2010

The Australasian Conference on Information Systems (ACIS), primary conference in the region, in 2010 featured a GRC track with several interesting contributions . We used the opportunity to present our latest research, carried out in collaboration with the University of Erlangen-Nuremberg. In a survey among 48 large enterprises we identified the status quo of GRC and GRC software. Implications for research were derived. You can download the presentation here.

Research publication: A frame of reference for research of integrated GRC

Posted by Nicolas on Jun 3, 2010

This week we presented the publication that is the foundation of the research carried out by GRC Resource at the 11th IFIP TC 6/ TC 11 International Conference in Linz, Austria. The publication’s core is a single-phrase GRC definition derived from a literature review and validated with GRC professionals. The definition was translated into a frame of reference that can be applied by researchers when approaching GRC.

The definition reads as follows: “GRC is an integrated, holistics approach to organisation-wide governance, risk and compliance ensuring that an organisation acts ethically correct and in accordance with its risk appetite, internal policies and external regulations through the alignment of strategy, processes, technology and people, thereby improving efficiency and effectiveness.”

More on the definition and the frame of reference will soon be published on

The work was published in the conference proceedings:
Racz, N., Weippl, E. & Seufert, A. (2010): A frame of reference for research of integrated GRC. In: Bart De Decker, Ingrid Schaumüller-Bichl (Eds.), Communications and Multimedia Security, 11th IFIP TC 6/TC 11 International Conference, CMS 2010 Proceedings. Berlin: Springer, pp. 106-117.

Help us define GRC!

Posted by Nicolas on May 27, 2009

Do you remember being challenged to define GRC in a few words – in meetings, lunch discussions or at the water cooler? “It’s Governance, Risk and Compliance” might be an easy answer, but it does not draw out the underlying concept.

Through a review of over 100 GRC publications we have developed a single-phrase definition of GRC we would like to validate with your help. We invite you to take part in our anonymous, two-minute GRC definition survey:

Feel free to share the survey link with other GRC professionals!

Thank you & regards,
Nicolas Racz

Join the GRC group at XING

Posted by Nicolas on Apr 13, 2008

GRC Resource recently created a group about integrated GRC within the social business network XING is still dominated by German-speaking users, but it is strongly expanding to other language areas these days. Feel free to join the group and take part in discussions with other GRC experts.

GRC Resource has been launched

Posted by Nicolas on Mar 23, 2008

As always in IT projects, it lasted longer than planned, but GRC Resource is finally online! The resources linked are still a bit scarce, but you can be sure that new resources are added in regular intervals. All information provided on this website is free – assembled for research and educational purposes. You can find out more about the website and the author in the “About” section.