TITLE:
The Development of a Data-Centred Conceptual Reference Model for Strategic GRC-Management
AUTHORS:
Volker Nissen, Wolfgang Marekfia
KEYWORDS:
Governance, Risk, Compliance, Strategic Management, Information Objects, Reference Model
JOURNAL NAME:
Journal of Service Science and Management,
Vol.7 No.2,
April
18,
2014
ABSTRACT:
Until now
there are only few ideas for an integrated governance, risk and compliance
(GRC) management available with these referring to the management process of
GRC only. In literature, mainly specific questions at a detailed level, like
the automation of different controls, are discussed in the GRC context. To be
in the position to entirely realise benefit potentials (e.g. improvement of
processes), it is necessary to have an integrated GRC-Management focusing on
the strategic business objectives. Starting from the requirements, this article
deals with general guidelines for strategic GRC-Management showing which
aspects have to be considered in terms of an integral approach. On this basis,
a data-centred reference model explicates the structural connections of
GRC-related data, and lays the basis for the implementation in practice.