Research Article
A Context Adaptive Framework for IT Governance, Risk, Compliance and Security
@INPROCEEDINGS{10.1007/978-3-319-77818-1_2, author={Shree Govindji and Gabrielle Peko and David Sundaram}, title={A Context Adaptive Framework for IT Governance, Risk, Compliance and Security}, proceedings={Context-Aware Systems and Applications, and Nature of Computation and Communication. 6th International Conference, ICCASA 2017, and 3rd International Conference, ICTCC 2017, Tam Ky, Vietnam, November 23-24, 2017, Proceedings}, proceedings_a={ICCASA \& ICTCC}, year={2018}, month={3}, keywords={Governance Risk management Compliance Information technology Security Context adaptive}, doi={10.1007/978-3-319-77818-1_2} }- Shree Govindji
Gabrielle Peko
David Sundaram
Year: 2018
A Context Adaptive Framework for IT Governance, Risk, Compliance and Security
ICCASA & ICTCC
Springer
DOI: 10.1007/978-3-319-77818-1_2
Abstract
The technological solutions offered today evolve at a rapid pace, as this happens, risk management and security practices are becoming more relevant and in fact, now a necessity for most growing organisation. Governance, Risk management and compliance (GRC) are established and well-adhered functions in a business which have individually always been very important in business management. As individual topics, the application of all concepts have been fundamental for businesses in order to manage risks. However, over the years, the term GRC was developed and applied to describe the integration between the various areas due to the reason that a monolithic approach between the functions was no longer feasible in successful management of business risk. However IT GRC has been dealt with an isolated manner from IT Security. In this paper we explore IT GRC and Security and propose an integrated context adaptive framework that addresses the problems of monolithic approaches.