Methodology Approach to the Classification of Information Technology Governance, Risk and Compliance Frameworks

摘要

The issues, opportunities and challenges of effectively governing an organization's Information Technology (IT) demands and resources have become a major concern of the Board and executive management in many organisations today. The Swiss healthcare is currently searching for methods and practices for the solution of operational planning and optimisation of IT processes. To make sure that the corporate hospital strategy leads to adequate business decisions an IT GRC Framework for Healthcare will be needed. This paper presents the first task - the classification of existing IT governance frameworks - within the development process. After the dissociation of IT management and corporate governance - a proposal for a classification scheme for IT governance frameworks is described and the application of the classification template is explained.