Volltext-Downloads (blau) und Frontdoor-Views (grau)

An IT-GRC approach in SME

  • The digital transformation of business processes and the integration of IT systems leads to opportunities and risks for small and medium-sized enterprises (SMEs). Risks that can result in a lack of IT compliance. The purpose of this research-in-progress paper is to present the current state of a IT-Governance-Risk-Compliance (IT-GRC) research-project. First, the results of an already conducted literature research will be discussed, combined with qualitative interviews (expert survey) of persons close to IT compliance. In the context of this paper, a first design approach will be developed by selecting relevant existing frameworks and standards and the identification of SME-specific conditions. The first design is intended to contribute a further artefact conception of tailoring approaches and standards and the creation of a guidance.

Export metadata

Additional Services

Share in Twitter Search Google Scholar


Author:Nico DeistlerORCiD, Christopher RentropORCiD
Parent Title (English):15th IADIS International Conferenence Information Systems, 12-14 March 2022, virtual
Publisher:IADIS Press
Document Type:Conference Proceeding
Year of Publication:2022
Contributing Corporation:International Association for the Development of the Information Society (IADIS)
Release Date:2023/01/17
Tag:IT-GRC; IT-Compliance; SME; DSR
First Page:233
Last Page:237
Relevance:Keine peer reviewed Publikation (Wissenschaftlicher Artikel und Aufsatz, Proceeding, Artikel in Tagungsband)
Open Access?:Nein