The Role of IT Governance Risk and Compliance (IT GRC) in Modern Organizations

Adebayo Adeyinka Victor
Mubarak A Moronkunbi
Oyetunde Christian Oyedeji
Popoola Olusegun Victor
Shodunke Ajani Samuel

Abstract: The study delves into the intricacies of IT Governance, Risk, and Compliance (IT GRC) in modern organisations, emphasising its significance amidst evolving regulatory landscapes and increased reliance on IT systems. IT GRC is an integrated framework combining IT governance, risk management, and compliance, ensuring alignment with business goals, mitigating risks, and adhering to regulations. The paper outlines the theoretical foundation of IT GRC and highlights the challenges and gaps in the current literature, underscoring the need for further research and understanding. It discusses the components and importance of IT GRC, illustrating how effective implementation enhances operational efficiency and reduces vulnerability to threats. Key frameworks such as COBIT and ISO 27001 are examined for their roles in establishing IT GRC standards. The study also explores the challenges in implementing IT GRC systems, recommending best practices for successful integration. Emerging technologies and future trends in IT GRC are analysed, projecting the domain's evolution in response to dynamic business environments. The research underscores modern organisations' need to adopt a holistic and integrated approach to IT GRC, aligning it with broader corporate governance to achieve sustainable performance and compliance.

The Role of IT Governance Risk and Compliance (IT GRC) in Modern Organizations. (2024). International Journal of Latest Technology in Engineering Management & Applied Science, 13(6), 44-50. https://doi.org/10.51583/IJLTEMAS.2024.130607
