Governance, Risk and Compliance for Information Systems: Towards an Integrated Approach

Governance, Risk & Compliance (GRC) is an important topic in the worlds of business and technology. The dominant notion of the acronym ? an integrated approach to the three disciplines of GRC ? has been ignored by scientific research so far. The research presented in this book for the first time describes GRC integration from a scientific perspective. Both "GRC for IT" (known as IT GRC) and "IT for GRC" (GRC software) are analysed. From literature reviews, surveys and case studies a GRC definition and a high-level process model for integrated GRC in IT management are derived. This book provides useful, practical insights for both academics and professionals dealing with GRC.