A conceptual model and IS framework for the design and adoption of environmental compliance management systems: For special issue on governance, risk and compliance in IS

Environmental concerns have led to a significant increase in the number and scope of compliance imperatives governing electrical, electronics, and IT products across global regulatory environments. This is, of course, in addition to general compliance and risk issues generated by the Sarbanes-Oxley Act, data protection and information privacy legislation, ethics and integrity regulations, IT governance concerns, and so on. While the latter dimensions of enterprise-wide governance, compliance, and risk (GRC) are far from straightforward, the complexity and geographical diversity of environment-based regulatory sources cause considerable problems for organisations in the electrical, electronics and IT sectors. Although a variety of enterprise-level information systems are presently available to help manage compliance and reduce risk across all areas, a majority of firms still employ ad-hoc solutions. This paper focuses on the very-much underexplored issue of environmental compliance and risk. The first objective of this exploratory study is to delineate the problems facing GRC and Environmental Health and Safety (EH&S) functions in dealing with environmental regulations globally and to identify how these problems are being solved using Environmental Compliance Management Systems (ECMS). The second objective is to propose a processbased conceptual model and related IS framework on the design and adoption of ECMS that will inform future research and, it is hoped, the IS adoption decisions of GRC and EH&S practitioners.