Title :
IT Compliance Management Process Modeling Based on Best Practices Reference Models and Qualitative Data
Author :
Pereira, Rui ; da Silva, Miguel Mira
Author_Institution :
Dept. of Comput. Sci., Inst. Super. Tecnico, Lisbon, Portugal
Abstract :
IT is becoming pervasive in all organizations as well as regulatory compliance requirements are becoming increasingly pervasive and burdensome. Several IT frameworks, which have been criticized by many researchers, exist to help organizations to mitigate IT compliance issues. However, the majority of the organizations keep being reactive when dealing with IT compliance. The goal of this paper is to analyze the main IT frameworks and literature and propose to model the IT Compliance Management process. The main contribution of this paper is the model of the IT compliance management process based in both scientific and practitioner viewpoint. We used Design Science Research as research methodology to design our proposal, we also used the concept-centric methodology to perform our literature review, and finally we evaluate our proposal with expert´s interviews. We finish our paper with contributions, lessons learned and future work.
Keywords :
business data processing; data handling; organisational aspects; IT compliance management process modeling; IT frameworks; concept centric methodology; design science research; qualitative data; reference models; Guidelines; Organizations; Process control; Proposals; Standards organizations; BPMN; Design Science Research (DSR); IT Compliance; IT Governance (ITG); IT frameworks; Process Modelling; interviews;
Conference_Titel :
Enterprise Distributed Object Computing Conference Workshops (EDOCW), 2013 17th IEEE International
Conference_Location :
Vancouver, BC
DOI :
10.1109/EDOCW.2013.27
