“Bridging the Gap: Highlighting Academia’s Limited Role in Governance, Risk, and Compliance (GRC) Education and Research”

Abstract:
Governance, Risk, and Compliance (GRC) is a crucialframework in today’s business landscape, integrating governance structures, risk management strategies, and regulatory compliance to ensure organizational resilience. As businesses navigate increasingly complex regulatory environments and risk landscapes, GRC has become essential for corporate sustainability. Despite its growing significance, there remains a significant disparity between its widespread industry adoption and its limited presence in academic curricula and research. Industries worldwide invest billions in GRC to mitigate risks, maintain regulatory compliance, and ensure business continuity. However, academic engagement in this field remains limited, leading to a shortage of trained professionals and innovative research contributions. This session examines the underlying causes of this academic gap, its impact on industry and workforce development, and how fostering stronger collaboration between academia and industry can enhance GRC education, research, and professional practice.

Bio:
Prof. Ali Al-Haj received his undergraduate degree in Electrical Engineering from Yarmouk University, Jordan, in 1985, followed by an M.Sc. degree in Electronics Engineering from Tottori University, Japan, in 1988 and a Ph.D. degree in Electronics Engineering from Osaka University, Japan, in 1993. He then worked as a research associate at ATR Advanced Telecommunications Research Laboratories in Kyoto, Japan, until 1995. Al-Haj joined Princess Sumaya University for Technology, Jordan, in October 1995, where he currently serves as a Full Professor. He has published papers in dataflow computing, information retrieval, VLSI digital signal processing, neural networks, information security, and digital multimedia watermarking. Al-Haj is currently a visiting Fulbright Scholar at CERIAS, hosted by Prof. Eugene Spafford. His current research interests include among others: Cybersecurity Governance, Risk and Compliance (GRC), Digital Trust Frameworks, Cybersecurity Workforce and Curricula Development, and Cybersecurity Policy Development.