Dépôt institutionnel de l'UQO

Integrating governance, risk, and compliance management to enhance requirements engineering in information technology projects


Téléchargements par mois depuis la dernière année

Plus de statistiques...

Bett, Richard (2009). Integrating governance, risk, and compliance management to enhance requirements engineering in information technology projects. Mémoire. Gatineau, Université du Québec en Outaouais, Département des sciences administratives, 176 p.

[thumbnail of Bett_Richard_2009_mémoire.PDF]
Télécharger (83MB) | Prévisualisation


A typical Information Technology (IT) project involves a number of disciplines working concurrently throughout a Systems Development Lifecycle (SDLC). Requirements Engineering (RE) is one of the key project activities in the front-end of the lifecycle, generally performed jointly by Business and Systems Analysts.

Several studies of IT project failures have revealed that key factors include a lack of proper IT project management methods, and especially the absence of a well-defined RE process. While PM best practices, both generic and IT-focused, are highly evolved and sufficient to deal with the first factor, there is still a lack of standardized RE framework to serve as a guide for IT projects.

We propose to explore an opportunity to enhance the RE process by integrating emerging best practices in a related discipline, namely Governance, Risk, and Compliance Management (GRCM). Founded on the concepts of Strategic Management, Corporate Governance, and Policy Deployment, GRCM provides a framework for managing organization-wide risks, meet regularly compliance imposed by the organization's environment, and establish a governance infrastructure to deploy risk management policies and ensuring compliance across multiple projects.

The objective of this thesis is to see if a new GRCM discipline could be integrated in a standard SDLC. It could provide a new basis to improve Software Engineering methods in order to ensure the organization has enterprise-wide coherence into performing RE activities in every IT projects.

The research methodology used in this paper is based on the academic journal entitled "Investigating Information Systems with Positivist Case Study Research" authored by Guy Paré.

We performed a comparative analysis of RE activities in four key enterprise-wide IT projects. Data analysis is performed to see if the two following objectives can be fulfilled.

a. Develop and validate a new GRCM and RE capability measurement framework
b. Explore to what extent GRCM capabilities are correlated with RE capabilities

We concluded with a future research section, where examples of moving the GRCM and RE disciplines forward in IT projects are given.

Type de document: Thèse (Mémoire)
Directeur de mémoire/thèse: Gagnon, Stéphane
Informations complémentaires: Bibliothèque L.-Brault T 58 .64 B48 2009. Comprend des réf. bibliogr. : p. 168-176. Le texte de ce mémoire est en anglais.
Mots-clés libres: Systèmes d'information; Gestion; Technologie de l'information; Ingénierie des systèmes; Gestion de projet
Départements et école, unités de recherche et services: Sciences administratives
Date de dépôt: 10 déc. 2012 20:00
Dernière modification: 12 déc. 2013 14:35
URI: https://di.uqo.ca/id/eprint/392

Gestion Actions (Identification requise)

Dernière vérification avant le dépôt Dernière vérification avant le dépôt