Integration of IT Governance and Security Risk Management: a Systematic Literature Review

GRC is an umbrella acronym covering the three disciplines of governance, risk management and compliance. In this context, IT GRC is the subset of GRC dealing with IT aspects of GRC. The main challenge of GRC is to have an approach as integrated as possible of the three domains. The objective of our paper is to study one facet of IT GRC: the links and integration between IT governance and risk management that we consider today as the least integrated. To do so, the method followed in this paper is a systematic literature review, in order to identify the existing research works in this field. The resulting contribution of the paper is a set of recommendations established for practitioners and for researchers on how better deal with the integration between IT governance and risk management.

Published in: International Conference on Information Society (i-Society 2016)

Date of Conference: 10-13 October 2016
DOI: 10.2053/iSociety.2016.0030
ISBN: 978-1-908320-62-9
Conference Location: Dublin, Ireland

About Us

From Art to Science and Climate Change to World Peace, we embrace technological advancement, innovative Ideas, encourages research collaboration and training worldwide. The Society also questions the boundary issues between societal and technological dimensions of knowledge evolution, which lead to the concept of Infonomics. As part of our continuous improvement, we develop innovative ideas that combine traditional techniques with advanced technologies to create something very different.

Quick Links

Write Us

If you have a general enquiry,
please contact us.

Address
37th Floor
1 Canada Square
Canary Wharf
London, E14 5AA
United Kingdom

Integration of IT Governance and Security Risk Management: a Systematic Literature Review

Abstract

About Us

Quick Links

Write Us

Follow Us On: