Using information technology governance, risk management and compliance (GRC) as a creator of business values – a case study
The relationship between Information Technology (IT) Governance, Risk Management and Compliance (GRC) and organisation business values continues to interest academics and practitioners (IT Governance Institute, 2003). Like governance, risk management and compliance generally, IT GRC is about the dec...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
AOSIS
2011-08-01
|
| Series: | South African Journal of Economic and Management Sciences |
| Online Access: | https://sajems.org/index.php/sajems/article/view/264 |
| _version_ | 1819114829361709056 |
|---|---|
| author | Sam Lubbe Osden Jokonya |
| author_facet | Sam Lubbe Osden Jokonya |
| author_sort | Sam Lubbe |
| collection | DOAJ |
| description | The relationship between Information Technology (IT) Governance, Risk Management and Compliance (GRC) and organisation business values continues to interest academics and practitioners (IT Governance Institute, 2003). Like governance, risk management and compliance generally, IT GRC is about the decision rights and accountabilities that encourage desirable behaviour in the use of IT (IT Governance Institute, 2003). A case study approach was used in an organisation with many business units. The organisation selected is a mining company, RioZim, situated in Zimbabwe. Data was collected from business units on IT issues and business values. The interviews centred on the IT GRC practices based on responsibility and authority for IT decision making. The results suggest that IT GRC does not adequately support business values. The study revealed that business values should drive IT GRC and IT GRC should be the responsibility of executives and all business units. |
| first_indexed | 2024-12-22T04:51:31Z |
| format | Article |
| id | doaj.art-69fab62ce7e24329990dccb17d9cbaa7 |
| institution | Directory Open Access Journal |
| issn | 1015-8812 2222-3436 |
| language | English |
| last_indexed | 2024-12-22T04:51:31Z |
| publishDate | 2011-08-01 |
| publisher | AOSIS |
| record_format | Article |
| series | South African Journal of Economic and Management Sciences |
| spelling | doaj.art-69fab62ce7e24329990dccb17d9cbaa72022-12-21T18:38:29ZengAOSISSouth African Journal of Economic and Management Sciences1015-88122222-34362011-08-0112111512510.4102/sajems.v12i1.26482Using information technology governance, risk management and compliance (GRC) as a creator of business values – a case studySam LubbeOsden JokonyaThe relationship between Information Technology (IT) Governance, Risk Management and Compliance (GRC) and organisation business values continues to interest academics and practitioners (IT Governance Institute, 2003). Like governance, risk management and compliance generally, IT GRC is about the decision rights and accountabilities that encourage desirable behaviour in the use of IT (IT Governance Institute, 2003). A case study approach was used in an organisation with many business units. The organisation selected is a mining company, RioZim, situated in Zimbabwe. Data was collected from business units on IT issues and business values. The interviews centred on the IT GRC practices based on responsibility and authority for IT decision making. The results suggest that IT GRC does not adequately support business values. The study revealed that business values should drive IT GRC and IT GRC should be the responsibility of executives and all business units.https://sajems.org/index.php/sajems/article/view/264 |
| spellingShingle | Sam Lubbe Osden Jokonya Using information technology governance, risk management and compliance (GRC) as a creator of business values – a case study South African Journal of Economic and Management Sciences |
| title | Using information technology governance, risk management and compliance (GRC) as a creator of business values – a case study |
| title_full | Using information technology governance, risk management and compliance (GRC) as a creator of business values – a case study |
| title_fullStr | Using information technology governance, risk management and compliance (GRC) as a creator of business values – a case study |
| title_full_unstemmed | Using information technology governance, risk management and compliance (GRC) as a creator of business values – a case study |
| title_short | Using information technology governance, risk management and compliance (GRC) as a creator of business values – a case study |
| title_sort | using information technology governance risk management and compliance grc as a creator of business values a case study |
| url | https://sajems.org/index.php/sajems/article/view/264 |
| work_keys_str_mv | AT samlubbe usinginformationtechnologygovernanceriskmanagementandcompliancegrcasacreatorofbusinessvaluesacasestudy AT osdenjokonya usinginformationtechnologygovernanceriskmanagementandcompliancegrcasacreatorofbusinessvaluesacasestudy |