TY  - CHAP
U1  - Konferenzveröffentlichung
A1  - Deistler, Nico
T1  - IT-Compliance in SME - a method for the adapted use of frameworks
T2  - Proceedings of the 16th IADIS International Conference Information Systems 2023, 11-13 March, Lisbon, Portugal
N2  - The digital transformation of business processes and the integration of IT systems leads to opportunities and risks for small and medium-sized enterprises (SMEs). Risks that can result in a lack of IT Governance, Risk and Compliance (GRC). The purpose of this paper is to present the Design and Evaluation phase of creating an artefact, to reduce these risks. With this, the Design Science Research approach based on Hevner is using. The artefact will be developed by selecting relevant existing frameworks and the identification of SME-specific competencies. The method enables IT-GRC managers to transfer or adapt the frameworks to an SME organizational structure. The results from ten interviews and further three feedback loops showed that the method can be applied in practice and that a tailoring of established frameworks can take place. Contrary to the previous basic orientation of the research, this paper focuses on the concretization of approaches.
KW  - IT-Compliance
KW  - GRC
KW  - SME
KW  - Design-Science Research
Y1  - 2023
UR  - https://www.is-conf.org/is-2023-file/
SN  - 978-989-8704-48-1
SB  - 978-989-8704-48-1
SP  - 212
EP  - 220
PB  - International Association for the Development of the Information Society (IADIS)
ER  -