Informationstechnologie, Governance und Compliance

Abstract

The paper presents the results of a World Wide Web research on the relationships between information technology (IT) on the one hand and governance and compliance on the other. The research sheds light on two different roles IT can take up in governance and compliance. Firstly, IT is used as an instrument or tool in support of implementing governance and compliance in organizations. Secondly, IT is an important concern in governance and assurance of compliance in organizations, resulting in IT-governance and IT-compliance as issues of their own. Since the domains of governance and compliance overlap in some respect, both areas are not always properly distinguished. This can especially be observed in offerings of IT consulting firms and in the positioning of products of software developers and vendors which are often vaguely labeled as "Governance, Risk and Compliance (GRC) Software". An imprecise and somewhat inflationary use of the terms governance and compliance impedes a systematic analysis of the field.