This week we presented the publication that is the foundation of the research carried out by GRC Resource at the 11th IFIP TC 6/ TC 11 International Conference in Linz, Austria. The publication’s core is a single-phrase GRC definition derived from a literature review and validated with GRC professionals. The definition was translated into a frame of reference that can be applied by researchers when approaching GRC.
The definition reads as follows: “GRC is an integrated, holistics approach to organisation-wide governance, risk and compliance ensuring that an organisation acts ethically correct and in accordance with its risk appetite, internal policies and external regulations through the alignment of strategy, processes, technology and people, thereby improving efficiency and effectiveness.”
More on the definition and the frame of reference will soon be published on GRC-Resource.com.
The work was published in the conference proceedings:
Racz, N., Weippl, E. & Seufert, A. (2010): A frame of reference for research of integrated GRC. In: Bart De Decker, Ingrid Schaumüller-Bichl (Eds.), Communications and Multimedia Security, 11th IFIP TC 6/TC 11 International Conference, CMS 2010 Proceedings. Berlin: Springer, pp. 106-117.
Do you remember being challenged to define GRC in a few words – in meetings, lunch discussions or at the water cooler? “It’s Governance, Risk and Compliance” might be an easy answer, but it does not draw out the underlying concept.
Through a review of over 100 GRC publications we have developed a single-phrase definition of GRC we would like to validate with your help. We invite you to take part in our anonymous, two-minute GRC definition survey: http://survey.grc-resource.com
Feel free to share the survey link with other GRC professionals!
Thank you & regards,
Nicolas Racz
GRC Resource recently created a group about integrated GRC within the social business network XING.com. XING is still dominated by German-speaking users, but it is strongly expanding to other language areas these days. Feel free to join the group and take part in discussions with other GRC experts.
As always in IT projects, it lasted longer than planned, but GRC Resource is finally online! The resources linked are still a bit scarce, but you can be sure that new resources are added in regular intervals. All information provided on this website is free – assembled for research and educational purposes. You can find out more about the website and the author in the “About” section.