Professional Documents
Culture Documents
Governance Risk Compliance GRC Software - An Explo
Governance Risk Compliance GRC Software - An Explo
net/publication/221182246
CITATIONS READS
36 3,198
3 authors, including:
Some of the authors of this publication are also working on these related projects:
All content following this page was uploaded by Edgar Weippl on 06 December 2016.
[5] Organisation for Economic Co-Operation and [17] Electronic Publication: J. Hagerty, K. Verma and
Development, OECD Principles of Corporate Governance. D. Gaughan, “The Governance, Risk Management, and
Paris: OECD, 2004. Compliance (GRC) Landscape, Part 2: Software‟s Integral
Role in GRC Automation,” 2008. Accessed 10 January,
[6] A. Mardjono, “A tale of corporate governance: 2010, at
lessons why firms fail,” Managerial Auditing Journal, vol. http://www.metricstream.com/regForms/amr_grc_reg.htm
20:3, Mar. 2005, pp.272–283.
[18] Electronic Publication: F. Caldwell, “The
[7] Committee of Sponsoring Organizations of the Enterprise Governance, Risk and Compliance Platform
Treadway Commission, Enterprise Risk Management – Defined,” 2008. Accessed 8 July, 2009, at
Integrated Framework. New York: AICPA, 2004. http://www.gartner.com/DisplayDocument?doc_cd=155196
[8] M.L. Frigo and R.J. Anderson, “A Strategic [19] Electronic Publication: C. McClean, K. McNabb
Framework for Governance, Risk, and Compliance,” and A. Dill, “The GRC Technology Puzzle: Getting all the
Strategic Finance, vol. 44:1, Feb. 2009, pp.20–61. Pieces to Fit,” 2009. Accessed 10 January, 2010, at
http://www.forrester.com/Research/Document/Excerpt/0,721
[9] Electronic Publication: PricewaterhouseCoopers, 1,45772,00.html
“Integrity-Driven Performance. A New Strategy for Success
Through Integrated Governance, Risk and Compliance [20] M. Rasmussen, “Hand in Hand,” Business Trends
Management,” 2004. Accessed 23 January, 2010, at Quarterly, vol. 2:2, May 2007, pp.44–46.
http://www.globalcompliance.com/pdf/PwCIntegrityDrivenP
erformance.pdf [21] Electronic Publication: OCEG, “GRC-IT Blueprint.
Version 1.0,” 2009. Accessed 12 November, 2009, at
[10] Electronic Publication: Approva Corporation, http://www.oceg.org
“2007 Approva GRC Survey,” 2007. Accessed 10 December,
2009, at http://www.approva.com/survey [22] R. Banham, “Is ERM GRC? Or Vice Versa?”
Treasury & Risk, vol. 2:6, Jun. 2007, pp.48–50.
[11] N. Racz, E. Weippl and A. Seufert, “A frame of
reference for research of integrated governance, risk, and [23] Electronic Publication: PricewaterhouseCoopers,
compliance (GRC).” In: B. De Decker, I. Schaumüller-Bichl “Internal Audit 2012. A study examining the future of
(eds.), Communications and Multimedia Security, CMS 2010 internal auditing and the potential decline of a controls-
Proceedings. Berlin: Springer, 2010, pp. 106-117. centric approach,” 2007. Accessed 5 January, 2010, at
http://www.pwchk.com/home/webmedia/6333054436629682
[12] Electronic Publication: F. Caldwell and T. Eid, 04/ia2012_nov2007.pdf
“Gartner Magic Quadrant for Enterprise Governance, Risk
and Compliance Platforms, 2008”. Accessed 11 July, 2009, [24] Electronic Publication: D. Coderre, “Global
at Technology Audit Guide. Continuous Auditing: Implications
http://www.metricstream.com/regForms/gartner_mq_reg.htm for Assurance, Monitoring, and Risk Assessment,” 2005.
Accessed 7 January, 2010, at
[13] G.C. Roman, “A Taxonomy of Current Issues in http://www.theiia.org/download.cfm?file=19897
Requirements Engineering,” IEEE Computer, vol. 18:4, Apr.
1985, pp.14–23. [25] Electronic Publication: W. Martin and R.
Nussdorfer, “White Paper „Pulse Check‟: Operational,
[14] Electronic Publication: P.E. Proctor, F. Caldwell Tactical and Strategic CPM. Part 1: Vendor Independent
and T. Eid, “A Comparison Model for the GRC White Paper and Reference Architecture,” 2005. Accessed 3
Marketplace, 2008 to 2010.” Accessed 30 Jun, 2008, at July, 2008, at http://www.qis.dk/WP_Uafh/CPM%20-
http://www.gartner.com/DisplayDocument?id=712207 %20Corporate%20Performance%20Management%20WhiteP
aper.pdf
[15] Electronic Publication: F. Caldwell, T. Eid and C.
Casper, “Magic Quadrant for Enterprise Governance, Risk [26] J. Ludewig and H. Lichter, Software Engineering.
and Compliance Platforms, 2009. Accessed 5 January, 2010, Heidelberg: Dpunkt, 2006.
at
http://paisley.thomsonreuters.com/website/pcweb.nsf/pages/ [27] A.R. Hevner, S.T. March, J. Park and S. Ram,
ARAE-6XANSY “Design science in information systems research,” MIS
Quarterly, vol. 28:1, Mar. 2004, pp.75–105.