-
Integrated a Governance, Risk Management and Compliance (GRC) Framework into an Education Sector
- Dabiah Alboaneen
Imam Abdulrahman Bin Faisal University
dabuainain@iau.edu.sa
- Aljazi Alkhalaf
Imam Abdulrahman Bin Faisal University
dabuainain@iau.edu.sa
- Assail Alyami
Imam Abdulrahman Bin Faisal University
dabuainain@iau.edu.sa
- Bashayer Allail
Imam Abdulrahman Bin Faisal University
dabuainain@iau.edu.sa
- Esra Alyami
Imam Abdulrahman Bin Faisal University
dabuainain@iau.edu.sa
- Abdulrahman Almajed
Saudi Cloud Computing Association
dabuainain@iau.edu.sa
Keywords: Test
Abstract
Education plays an important role in the growth and development of society. To meet regulations and manage risks in the continuously changing education field, an automated tool can be applied to measure and evaluate risk and compliance. This paper provides an integrated Governance, Risk Management, and Compliance (GRC) framework for the higher education sector, which is applied in the Computer Science department at Imam Abdulrahman Bin Faisal University. Introducing Privacy and Security as new GRC framework elements combined with other elements. Moreover, providing a GRC framework enables taking a proactive approach to risk impact assessment, making informed choices, and guaranteeing ongoing operations. Ultimately, a compliance tracker tool is applied to coordinate and monitor the Computer Science department's compliance.