Context-Aware Systems and Applications, and Nature of Computation and Communication. 6th International Conference, ICCASA 2017, and 3rd International Conference, ICTCC 2017, Tam Ky, Vietnam, November 23-24, 2017, Proceedings

Research Article

A Context Adaptive Framework for IT Governance, Risk, Compliance and Security

  • @INPROCEEDINGS{10.1007/978-3-319-77818-1_2,
        author={Shree Govindji and Gabrielle Peko and David Sundaram},
        title={A Context Adaptive Framework for IT Governance, Risk, Compliance and Security},
        proceedings={Context-Aware Systems and Applications, and Nature of Computation and Communication. 6th International Conference, ICCASA 2017, and 3rd International Conference, ICTCC 2017, Tam Ky, Vietnam, November 23-24, 2017, Proceedings},
        proceedings_a={ICCASA \& ICTCC},
        year={2018},
        month={3},
        keywords={Governance Risk management Compliance Information technology Security Context adaptive},
        doi={10.1007/978-3-319-77818-1_2}
    }
    
  • Shree Govindji
    Gabrielle Peko
    David Sundaram
    Year: 2018
    A Context Adaptive Framework for IT Governance, Risk, Compliance and Security
    ICCASA & ICTCC
    Springer
    DOI: 10.1007/978-3-319-77818-1_2
Shree Govindji1,*, Gabrielle Peko1,*, David Sundaram1,*
  • 1: University of Auckland
*Contact email: bgov153@aucklanduni.ac.nz, g.peko@auckland.ac.nz, d.sundaram@auckland.ac.nz

Abstract

The technological solutions offered today evolve at a rapid pace, as this happens, risk management and security practices are becoming more relevant and in fact, now a necessity for most growing organisation. Governance, Risk management and compliance (GRC) are established and well-adhered functions in a business which have individually always been very important in business management. As individual topics, the application of all concepts have been fundamental for businesses in order to manage risks. However, over the years, the term GRC was developed and applied to describe the integration between the various areas due to the reason that a monolithic approach between the functions was no longer feasible in successful management of business risk. However IT GRC has been dealt with an isolated manner from IT Security. In this paper we explore IT GRC and Security and propose an integrated context adaptive framework that addresses the problems of monolithic approaches.