Analysing the governance, risk and compliance (GRC) implementation process: primary insights

Governance, Risk and Compliance (GRC) as an integrated concept has gained great interest recently among researchers in the Information Systems (IS) field. The need for more effective and efficient business processes in the area of financial controls drives enterprises to successfully implement GRC systems as an overall goal when they are striving for enterprise value of their integrated systems. The GRC implementation process is a significant parameter influencing the success of operational performance and financial governance and supports the practices for competitive advantage within the organisations. However, GRC literature is limited regarding the analysis of their implementation and adoption success. Therefore, there is a need for further research and contribution in the area of GRC systems and more specifically their implementation process. The research at hand recognizes GRC as a fundamental business requirement and focuses on the need to analyse the implementation process of such enterprise solutions. The research includes theoretical and empirical investigation of the GRC implementation within an enterprise and develops a framework for the analysis of the GRC adoption. The approach suggests that the three success factors (integration, optimisation, information) influence the adoption of the GRC and more specifically their implementation process. The proposed framework followed a case study approach to confirm its functionality and is evaluated through interviews with stakeholders involved in GRC implementations. Furthermore, it can be used by the organisations when considering the adoption of GRC solutions and can also suggest a tool for researchers to analyse and explain further the GRC implementation process.