Analysing the governance, risk and compliance (GRC) implementation process: primary insights
conference contribution
posted on 2017-11-07, 09:02authored byKonstantina Spanaki, Anastasia Papazafeiropoulou
Governance, Risk and Compliance (GRC) as an integrated concept has gained great interest recently
among researchers in the Information Systems (IS) field. The need for more effective and efficient
business processes in the area of financial controls drives enterprises to successfully implement GRC
systems as an overall goal when they are striving for enterprise value of their integrated systems. The
GRC implementation process is a significant parameter influencing the success of operational
performance and financial governance and supports the practices for competitive advantage within the
organisations. However, GRC literature is limited regarding the analysis of their implementation and
adoption success. Therefore, there is a need for further research and contribution in the area of GRC
systems and more specifically their implementation process. The research at hand recognizes GRC as a
fundamental business requirement and focuses on the need to analyse the implementation process of
such enterprise solutions. The research includes theoretical and empirical investigation of the GRC
implementation within an enterprise and develops a framework for the analysis of the GRC adoption.
The approach suggests that the three success factors (integration, optimisation, information) influence
the adoption of the GRC and more specifically their implementation process. The proposed framework
followed a case study approach to confirm its functionality and is evaluated through interviews with
stakeholders involved in GRC implementations. Furthermore, it can be used by the organisations when
considering the adoption of GRC solutions and can also suggest a tool for researchers to analyse and
explain further the GRC implementation process.
History
School
Business and Economics
Department
Business
Published in
21st European Conference on Information Systems (ECIS)
Citation
SPANAKI, K. and PAPAZAFEIROPOULOU, A., 2013. Analysing the governance, risk and compliance (GRC) implementation process: primary insights. IN: Proceedings of 2013 21st European Conference on Information Systems (ECIS), Utrecht, Netherlands, 6-8 June 2013.
Version
VoR (Version of Record)
Publisher statement
This work is made available according to the conditions of the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) licence. Full details of this licence are available at: https://creativecommons.org/licenses/by-nc-nd/4.0/