An IT-GRC approach in SME
- The digital transformation of business processes and the integration of IT systems leads to opportunities and risks for small and medium-sized enterprises (SMEs). Risks that can result in a lack of IT compliance. The purpose of this research-in-progress paper is to present the current state of a IT-Governance-Risk-Compliance (IT-GRC) research-project. First, the results of an already conducted literature research will be discussed, combined with qualitative interviews (expert survey) of persons close to IT compliance. In the context of this paper, a first design approach will be developed by selecting relevant existing frameworks and standards and the identification of SME-specific conditions. The first design is intended to contribute a further artefact conception of tailoring approaches and standards and the creation of a guidance.
| Author: | Nico DeistlerORCiD, Christopher RentropORCiD |
|---|---|
| ISBN: | 978-989-8704-37-5 |
| Parent Title (English): | 15th IADIS International Conferenence Information Systems, 12-14 March 2022, virtual |
| Publisher: | IADIS Press |
| Document Type: | Conference Proceeding |
| Language: | English |
| Year of Publication: | 2022 |
| Contributing Corporation: | International Association for the Development of the Information Society (IADIS) |
| Release Date: | 2023/01/17 |
| Tag: | IT-GRC; IT-Compliance; SME; DSR |
| First Page: | 233 |
| Last Page: | 237 |
| Relevance: | Keine peer reviewed Publikation (Wissenschaftlicher Artikel und Aufsatz, Proceeding, Artikel in Tagungsband) |
| Open Access?: | Nein |
