IDEAS home Printed from https://ideas.repec.org/a/spr/infosf/v18y2016i6d10.1007_s10796-015-9572-3.html
   My bibliography  Save this article

Understanding governance, risk and compliance information systems (GRC IS): The experts view

Author

Listed:
  • Anastasia Papazafeiropoulou

    (Brunel University, London)

  • Konstantina Spanaki

    (Imperial College, London)

Abstract

Although Governance, Risk and Compliance (GRC) is an emerging field of study within the information systems (IS) academic community, the concept behind the acronym has to still be demystified and further investigated. The study investigates GRC systems in depth by (a) reviewing the literature on existing GRC studies, and (b) presenting a field study on views about GRC application by professional experts. The aim of this exploratory study is to understand the aspects and the nature of the GRC system following an enterprise systems approach. The result of this study is a framework of particular GRC characteristics that need to be taken into consideration when these systems are put in place. This framework includes specific areas such as: goals and objectives, purpose of the system, key stakeholders, methodology and requirements prior to implementation, critical success factors and problems/barriers. Further discussion about the issues, the concerns and the diverse views on GRC would assist in developing an agenda for the future research on the GRC field.

Suggested Citation

  • Anastasia Papazafeiropoulou & Konstantina Spanaki, 2016. "Understanding governance, risk and compliance information systems (GRC IS): The experts view," Information Systems Frontiers, Springer, vol. 18(6), pages 1251-1263, December.
    • Handle: RePEc:spr:infosf:v:18:y:2016:i:6:d:10.1007_s10796-015-9572-3
    DOI: 10.1007/s10796-015-9572-3
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s10796-015-9572-3
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.
    File URL: https://libkey.io/10.1007/s10796-015-9572-3?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Tom Butler & Damien McGovern, 2012. "A conceptual model and IS framework for the design and adoption of environmental compliance management systems," Information Systems Frontiers, Springer, vol. 14(2), pages 221-235, April.
    2. Susan Scott & Nicholas Perry, 2012. "The enactment of risk categories: The role of information systems in organizing and re-organizing risk management practices in the energy industry," Information Systems Frontiers, Springer, vol. 14(2), pages 125-141, April.
    3. Shazia Sadiq & Michael zur Muehlen & Marta Indulska, 2012. "Governance, risk and compliance: Applications in information systems," Information Systems Frontiers, Springer, vol. 14(2), pages 123-124, April.
    4. Linh Thao Ly & Stefanie Rinderle-Ma & Kevin Göser & Peter Dadam, 2012. "On enabling integrated process compliance with semantic constraints in process management systems," Information Systems Frontiers, Springer, vol. 14(2), pages 195-219, April.
    5. Stefan Strecker & David Heise & Ulrich Frank, 2011. "RiskM: A multi-perspective modeling method for IT risk assessment," Information Systems Frontiers, Springer, vol. 13(4), pages 595-611, September.
    6. Syaiful Ali & Peter Green, 2012. "Effective information technology (IT) governance mechanisms: An IT outsourcing perspective," Information Systems Frontiers, Springer, vol. 14(2), pages 179-193, April.
    7. Jörg Hoffmann & Ingo Weber & Guido Governatori, 2012. "On compliance checking for clausal constraints in annotated process models," Information Systems Frontiers, Springer, vol. 14(2), pages 155-177, April.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Dimosthenis Anagnostopoulos & Thanos Papadopoulos & Teta Stamati & Maria Elisavet Balta, 2020. "Policy and Information Systems Implementation: the Greek Property Tax Information System Case," Information Systems Frontiers, Springer, vol. 22(4), pages 791-802, August.
    2. Victor Chang, 2020. "Presenting Cloud Business Performance for Manufacturing Organizations," Information Systems Frontiers, Springer, vol. 22(1), pages 59-75, February.
    3. Rajan, Rishabh & Rana, Nripendra P. & Parameswar, Nakul & Dhir, Sanjay & Sushil, & Dwivedi, Yogesh K., 2021. "Developing a modified total interpretive structural model (M-TISM) for organizational strategic cybersecurity management," Technological Forecasting and Social Change, Elsevier, vol. 170(C).
    4. Martin (Dae Youp) Kang & Anat Hovav, 2020. "Benchmarking Methodology for Information Security Policy (BMISP): Artifact Development and Evaluation," Information Systems Frontiers, Springer, vol. 22(1), pages 221-242, February.
    5. Dakshitha N. Jinasena & Konstantina Spanaki & Thanos Papadopoulos & Maria E. Balta, 2023. "Success and Failure Retrospectives of FinTech Projects: A Case Study Approach," Information Systems Frontiers, Springer, vol. 25(1), pages 259-274, February.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Chulhwan Chris Bang, 2015. "Information systems frontiers: Keyword analysis and classification," Information Systems Frontiers, Springer, vol. 17(1), pages 217-237, February.
    2. Shazia Sadiq & Michael Muehlen & Marta Indulska, 2012. "Preface," Information Systems Frontiers, Springer, vol. 14(2), pages 119-121, April.
    3. Dimosthenis Anagnostopoulos & Thanos Papadopoulos & Teta Stamati & Maria Elisavet Balta, 2020. "Policy and Information Systems Implementation: the Greek Property Tax Information System Case," Information Systems Frontiers, Springer, vol. 22(4), pages 791-802, August.
    4. Mustafa Hashmi & Guido Governatori & Moe Thandar Wynn, 2016. "Normative requirements for regulatory compliance: An abstract formal framework," Information Systems Frontiers, Springer, vol. 18(3), pages 429-455, June.
    5. Norris Syed Abdullah & Marta Indulska & Shazia Sadiq, 2016. "Compliance management ontology – a shared conceptualization for research and practice in compliance management," Information Systems Frontiers, Springer, vol. 18(5), pages 995-1020, October.
    6. Ni Li & Xiang Li & Yuzhong Shen & Zhuming Bi & Minghui Sun, 2015. "Risk assessment model based on multi-agent systems for complex product design," Information Systems Frontiers, Springer, vol. 17(2), pages 363-385, April.
    7. Fouad Amiri & Sietse Overbeek & Gerard Wagenaar & Christoph Johann Stettina, 2021. "Reconciling agile frameworks with IT sourcing through an IT sourcing dimensions map and structured decision-making," Information Systems and e-Business Management, Springer, vol. 19(4), pages 1113-1142, December.
    8. Gonzalez, Reyes & Gasco, Jose & Llopis, Juan, 2016. "Information systems contracts and relationships: A Spanish perspective," Journal of Business Research, Elsevier, vol. 69(5), pages 1696-1700.
    9. Oliver Thomas & Simon Hagen & Ulrich Frank & Jan Recker & Lauri Wessel & Friedemann Kammler & Novica Zarvic & Ingo Timm, 2020. "Global Crises and the Role of BISE," Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK, Springer;Gesellschaft für Informatik e.V. (GI), vol. 62(4), pages 385-396, August.
    10. Heise, David & Strecker, Stefan & Frank, Ulrich, 2014. "ControlML: A domain-specific modeling language in support of assessing internal controls and the internal control system," International Journal of Accounting Information Systems, Elsevier, vol. 15(3), pages 224-245.
    11. Roger Clarke, 2022. "Research opportunities in the regulatory aspects of electronic markets," Electronic Markets, Springer;IIM University of St. Gallen, vol. 32(1), pages 179-200, March.
    12. Zhen, Jie & Xie, Zongxiao & Dong, Kunxiang, 2021. "Impact of IT governance mechanisms on organizational agility and the role of top management support and IT ambidexterity," International Journal of Accounting Information Systems, Elsevier, vol. 40(C).
    13. Farida Veerankutty & Thurasamy Ramayah & Noor Azman Ali, 2018. "Information Technology Governance on Audit Technology Performance among Malaysian Public Sector Auditors," Social Sciences, MDPI, vol. 7(8), pages 1-19, July.
    14. Jolanta Sloniec, 2021. "A Longitudinal Analysis of IT Outsourcing in Large Polish Organizations," European Research Studies Journal, European Research Studies Journal, vol. 0(Special 2), pages 439-452.
    15. Sojung Lucia Kim & Thompson S.H. Teo & Anol Bhattacherjee & Kichan Nam, 0. "IS auditor characteristics, audit process variables, and IS audit satisfaction: An empirical study in South Korea," Information Systems Frontiers, Springer, vol. 0, pages 1-15.
    16. Remco Dijkman & Sander Vincent Lammers & Ad Jong, 2016. "Properties that influence business process management maturity and its effect on organizational performance," Information Systems Frontiers, Springer, vol. 18(4), pages 717-734, August.
    17. Kanika Goel & Wasana Bandara & Guy Gable, 2023. "Banking the Unbanked: Conceptualizing Success of the Business Correspondent Model," Information Systems Frontiers, Springer, vol. 25(5), pages 1953-1984, October.
    18. Joseph Vithayathil & Vidyanand Choudhary, 2022. "Organizational Structure for the IT Department: Profit Center or Cost Center?," Information Systems Frontiers, Springer, vol. 24(6), pages 2053-2076, December.
    19. Zhaojun Yang & Jun Sun & Yali Zhang & Ying Wang, 2018. "Peas and carrots just because they are green? Operational fit between green supply chain management and green information system," Information Systems Frontiers, Springer, vol. 20(3), pages 627-645, June.
    20. Saida Harguem, 2021. "A Conceptual Framework on IT Governance Impact on Organizational Performance: A Dynamic Capability Perspective," Academic Journal of Interdisciplinary Studies, Richtmann Publishing Ltd, vol. 10, January.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:infosf:v:18:y:2016:i:6:d:10.1007_s10796-015-9572-3. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.