An IT-GRC approach in SME
- The digital transformation of business processes and the integration of IT systems leads to opportunities and risks for small and medium-sized enterprises (SMEs). Risks that can result in a lack of IT compliance. The purpose of this research-in-progress paper is to present the current state of a IT-Governance-Risk-Compliance (IT-GRC) research-project. First, the results of an already conducted literature research will be discussed, combined with qualitative interviews (expert survey) of persons close to IT compliance. In the context of this paper, a first design approach will be developed by selecting relevant existing frameworks and standards and the identification of SME-specific conditions. The first design is intended to contribute a further artefact conception of tailoring approaches and standards and the creation of a guidance.
Author: | Nico DeistlerORCiD, Christopher RentropORCiD |
---|---|
ISBN: | 978-989-8704-37-5 |
Parent Title (English): | 15th IADIS International Conferenence Information Systems, 12-14 March 2022, virtual |
Publisher: | IADIS Press |
Document Type: | Conference Proceeding |
Language: | English |
Year of Publication: | 2022 |
Contributing Corporation: | International Association for the Development of the Information Society (IADIS) |
Release Date: | 2023/01/17 |
Tag: | IT-GRC; IT-Compliance; SME; DSR |
First Page: | 233 |
Last Page: | 237 |
Relevance: | Keine peer reviewed Publikation (Wissenschaftlicher Artikel und Aufsatz, Proceeding, Artikel in Tagungsband) |
Open Access?: | Nein |