Please use this identifier to cite or link to this item:
|Title:||Managing Information Security Risk Using Integrated Governance Risk and Compliance||Authors:||Nicho, M.
|Issue Date:||2017||Publisher:||Institute of Electrical and Electronics Engineers Inc.||Journal:||2017 International Conference on Computer and Applications, ICCA 2017||Conference:||2017 International Conference on Computer and Applications, ICCA 2017; Doha; United Arab Emirates; 6 September 2017 through 7 September 2017; Category numberCFP17L64-ART; Code 131502||Abstract:||This paper aims to demonstrate the building blocks of an IT Governance Risk and Compliance (IT GRC) model as well the phased stages of the optimal integration of IT GRC frameworks, standards and model through a longitudinal study. A qualitative longitudinal single case study methodology through multiple open-ended interviews were conducted over a period of four years (July 2012 to November 2015) in a retail financial institution. Our empirical study contributes to both academic research and practice in IT GRC. First, we identified the various building blocks of IT GRC domain from vertical as well as horizontal perspectives. Second, we methodologically demonstrated the gradual metamorphosis of the evolution of an IT GRC from a single ITG framework to multiple IT GRC building blocks. The journey thus throws light on the gradual staged process of attaining maturity in IT GRC by an organization. The resultant IT GRC model thus, guides managerial actions towards a better understanding of the positioning of IT GRC building blocks in an organization through the understanding of the interaction of vertical and horizontal domains. The results of the paper thus enable practitioners and academics to better understand and evaluate IT GRC implementation for effective governance, reduce risk and ensure compliance in organizations. © 2017 IEEE.||URI:||http://hdl.handle.net/20.500.12216/19||DOI:||10.1109/COMAPP.2017.8079741|
|Appears in Collections:||Conference Papers|
Show full item record
checked on Jun 20, 2018
Items in Corepaedia are protected by copyright, with all rights reserved, unless otherwise indicated.