Posted by Nicolas on Jun 3, 2010
This week we presented the publication that is the foundation of the research carried out by GRC Resource at the 11th IFIP TC 6/TC 11 International Conference in Linz, Austria. The publication’s core is a single-phrase GRC definition derived from a literature review and validated with GRC professionals. The definition was translated into a frame of reference that can be applied by researchers when approaching GRC.
The definition reads as follows: “GRC is an integrated, holistic approach to organisation-wide governance, risk and compliance ensuring that an organisation acts ethically correct and in accordance with its risk appetite, internal policies and external regulations through the alignment of strategy, processes, technology and people, thereby improving efficiency and effectiveness.”
More on the definition and the frame of reference will soon be published on GRC-Resource.com.
The work was published in the conference proceedings:
Racz, N., Weippl, E. & Seufert, A. (2010): A frame of reference for research of integrated GRC. In: Bart De Decker, Ingrid Schaumüller-Bichl (Eds.), Communications and Multimedia Security, 11th IFIP TC 6/TC 11 International Conference, CMS 2010 Proceedings. Berlin: Springer, pp. 106-117.