Abstract
Due to increasing requirements, standards and tight oversight from governments, along with the immediate need to effectively manage the increasing business and operational risks inherent to competing in a complex global market, integrated Governance, Risk and Compliance (GRC) is becoming one of the most important business requirements for organizations. In particular, IT requirements, standards and best practices play a crucial role in IT organizations/departments. The lack of guidance in this domain, namely scientific research, results in unaided attempts to improve efficiency and effectiveness in organizations. In this paper we propose a business architecture that describes the integration of the main processes for IT Governance, IT Risk Management and IT Compliance (IT GRC). Based on a process model for IT GRC and a conceptual model for GRC, we use ArchiMate to model the behavioural, structural and informational structure of the business viewpoint - business processes, roles and business objects respectively. To end with, we discuss the final result and draw some conclusions about the constructed artifact.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
