|
Title:
|
IT-COMPLIANCE IN SME - A METHOD
FOR THE ADAPTED USE OF FRAMEWORKS |
|
Author(s):
|
Nico Deistler |
|
ISBN:
|
978-989-8704-48-1 |
|
Editors:
|
Miguel Baptista Nunes, Pedro IsaĆas and Philip Powell |
|
Year:
|
2023 |
|
Edition:
|
Single |
|
Keywords:
|
IT-Compliance, GRC, SME, Design-Science Research |
|
Type:
|
Full Paper |
|
First Page:
|
212 |
|
Last Page:
|
220 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
The digital transformation of business processes and the integration of IT systems leads to opportunities and risks for
small and medium-sized enterprises (SMEs). Risks that can result in a lack of IT Governance, Risk and Compliance
(GRC). The purpose of this paper is to present the Design and Evaluation phase of creating an artefact, to reduce these
risks. With this, the Design Science Research approach based on Hevner is using. The artefact will be developed by
selecting relevant existing frameworks and the identification of SME-specific competencies. The method enables
IT-GRC managers to transfer or adapt the frameworks to an SME organizational structure. The results from ten
interviews and further three feedback loops showed that the method can be applied in practice and that a tailoring of
established frameworks can take place. Contrary to the previous basic orientation of the research, this paper focuses on
the concretization of approaches. |
|
|
|
|
|
|
