Proceedings of the 58th Annual Meeting of the ISSS - 2014 United States, Proceedings of the 58th Meeting of ISSS, Washington DC, USA, July 2014

Font Size:  Small  Medium  Large

A SYSTEMIC GRC MATURITY MODEL

Emir Hernando Pernet, Jeimy Jose Cano

Abstract


This paper proposes a systemic model that will enable organizations to diagnose the state of maturity of its Governance, Risk and Compliance (GRC), from the perspective of the alignment and integration of processes. For its development it was necessary to conduct a thorough study of the concepts of GRC, identify the common elements that lead to their integration and their measurement, and understand the conceptual framework of Systems Theory and its relationship to the processes of organizational development.

The research to validate the model is based on a constructivist paradigm using a qualitative methodology. The state of maturity of GRC is diagnosed based on the perception of the alignment and integration of processes by different observers. The instrument designed to measure this perception was a survey of a representative number of people belonging to different functional areas within the organization. To determine a single measurement of the perception of the state of maturity of GRC, a triangulation process relied on quantitative methods was performed.

As a result of this research it is presented the conceptual definition of GRC maturity as an emergent property of the organization, which arises as a result of the alignment and integration of GRC processes. This definition is operationalized by defining a function that measures systemic GRC maturity depending on the degree of alignment and integration of processes. This function is implemented on an instrument that allows measurement of GRC maturity.

Full Text: PDF