The Implementation of Governance Risk and Compliance Information Systems (GRC IS): Adoption Lifecycle and Enterprise Value

Governance, Risk and Compliance (GRC) has become an emerging field within the IS academic community. Motivated by this research direction, the study capitalizes on the theoretical background of Enterprise Systems (ES) and extends the focus on GRC systems’ implementation (enterprise value and lifecycle). Building upon expert views on GRC IS implementation projects, the analysis indicates that the three value drivers of integration; optimization and information should be considered throughout the whole GRC IS implementation lifecycle

An enterprise systems perspective to GRC IS implementation process

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.Governance, Risk and Compliance (GRC) Information Systems (IS) as an integrated technology has been introduced recently to facilitate the demanding operational and financial environment of the enterprises. The implementation process and the adoption of such systems is considered as a significant parameter influencing the success of operational performance and financial governance and could support the competitive advantage practices within the organisations. However, GRC literature is limited regarding the analysis of the implementation and adoption success. Therefore, there is a need for further research and contribution about these systems and more specifically their implementation process. Consequently, this investigation and analysis can provide an insight of this process by examining the aspects of the implementation, the lifecycle phases followed and the enterprise value drivers in each of these phases. Therefore, a framework was developed for structuring the analysis of this implementation including all these three elements as these were provided by the theoretic background. The empirical context of this research includes three field investigation studies based on the experience of key implementation stakeholder groups as participants. These investigation studies were analysed using thematic techniques following an interpretative qualitative analysis approach. It was proved that organisations have, directly or indirectly, followed specific lifecycle phases when they implement GRC systems as these are also described in the framework. Also they should consider specific aspects about the GRC systems and enterprise value drivers for the different lifecycle phases but also for a holistic approach of the implementation process. Hence new GRC implementation projects can use the phases and the analysis of these elements to facilitate and ease their decision-making and strategic planning before launching the implementation project. The analysis of the GRC implementation proved that a strict GRC environment can be established in the organisations through the successful implementation of a GRC technology. The implementation process of such technologies would require a preparation for the organisational environment in order the implementation project to succeed the GRC goals and the system to be integrated and optimised harmoniously within the enterprise environment. This study provides insight of how this implementation projects could be planned and developed and gives a directive blueprint for preparing organisations hosting such technological initiatives. The results of all field investigation phases, which can be considered as the contributions to theory and practice of this research, can have twofold implications: initially the development of a theoretical framework based on enterprise systems theories, and also an analysis of the GRC implementation process in specific. The framework is designed to structure the analysis of the GRC implementation aspects, the lifecycle phases and the enterprise value drivers of the GRC implementation process. This framework is used for visualising and structuring a specific analysis of the GRC adoption and success, and therefore this analysis can be used by practitioners and researchers to further evaluate and analyse this process. Furthermore, organisations can use this analysis for decision-making processes; as this analysis can provide a primary view for the implementation projects

The emergence of dynamic capabilities from a SME- enterprise system upgrade

Since the past decade, many studies have attempted to examine the Enterprise Systems (ES) implementations in multinational corporations (MNCs). However, there is a paucity of such research which focuses on ES implementation and upgrade for small and medium enterprises (SMEs). With respect to that, the upgrade of Sage ACCPAC system at Chio Lim Stone Forest (CLSF), the best performing Singapore-based SME accounting firm, provides us with a rich fertile ground to examine the mechanisms of achieving success in an ES system upgrade. Combining two theoretical lenses, the ES Experience Cycle and the Capability Development theory, a total of eight key actions that had developed into six key capabilities were identified from the one-year case study. Two theoretical contributions and four practical contributions were shared and documented in this paper