International Workshop on Computer Auditing Education, 2015
Presentation Session I: Education and Professional Development Track
Governance, Risk, and Compliance in Higher Education: A Case Study in Middle East

Ezz Hattab, Associate Professor, School of Information Technology, ADUC, Dubai – UAE.


   This paper measures the maturity of governance, risk and compliance (GRC) in Middle East Universities. Relevant standards, policies, and procedures of these universities were used as inputs. GRC Capability Model recommended by OCEG (Open Compliance & Ethics Group) used as a reference model. The Capability Model was customized to gear to the practices of the universities. The customized maturity model was tested and evaluated by a survey conducted by senior academic professionals, representing seven universities from seven countries in Middle East. The survey was used as a measuring tool to measure the level of GRC maturity.