{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,14]],"date-time":"2025-05-14T04:11:12Z","timestamp":1747195872131,"version":"3.40.5"},"reference-count":28,"publisher":"Springer Fachmedien Wiesbaden GmbH","issue":"5","license":[{"start":{"date-parts":[[2020,4,24]],"date-time":"2020-04-24T00:00:00Z","timestamp":1587686400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2020,4,24]],"date-time":"2020-04-24T00:00:00Z","timestamp":1587686400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"name":"Hochschule Konstanz Technik, Wirtschaft und Gestaltung"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["HMD"],"published-print":{"date-parts":[[2020,10]]},"abstract":"<jats:title>Zusammenfassung<\/jats:title><jats:p>Kleine und mittelst\u00e4ndische Unternehmen (KMU) sind bekannt f\u00fcr ihre Innovationskraft und bilden das R\u00fcckgrat der deutschen Wirtschaft. Wie Studien zeigen sind sie in Bezug auf Compliance-Ma\u00dfnahmen im Vergleich zu kapitalmarktorientierten Unternehmen jedoch im R\u00fcckstand. Eine gesonderte Betrachtung der IT-Compliance erfolgt dabei in den Studien in der Regel nicht. Auch wenn zu den Gr\u00fcnden und Motiven fehlender IT-Compliance-Strukturen in KMU kaum Forschungsergebnisse vorliegen, zeigen doch die vielen Publikationen, die sich mit Teilaspekten von Compliance und KMU besch\u00e4ftigen, dass Handlungsbedarf besteht. Insbesondere die aktuellen Ver\u00e4nderungen unter dem Stichwort Digitalisierung deuten auf eine gesteigerte Bedeutung von IT-Compliance-Ma\u00dfnahmen vor allem in mittelst\u00e4ndischen Unternehmen. In dieser Arbeit sollen daher mithilfe einer Literaturrecherche die aktuell behandelten Themen in Bezug auf IT-Compliance und KMU analysiert sowie aktuelle Themenschwerpunkte herausgearbeitet werden.<\/jats:p>","DOI":"10.1365\/s40702-020-00612-z","type":"journal-article","created":{"date-parts":[[2020,4,24]],"date-time":"2020-04-24T12:22:41Z","timestamp":1587730961000},"page":"1047-1057","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["IT-Compliance in KMU \u2013 State of the art","IT Compliance in SME\u2014State of the art"],"prefix":"10.1365","volume":"57","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4114-5092","authenticated-orcid":false,"given":"Nico","family":"Deistler","sequence":"first","affiliation":[]},{"given":"Christopher","family":"Rentrop","sequence":"additional","affiliation":[]}],"member":"93","published-online":{"date-parts":[[2020,4,24]]},"reference":[{"key":"612_CR1","first-page":"1","volume-title":"Hawaii International Conference on System Sciences (HICSS)","author":"Y Barlette","year":"2008","unstructured":"Barlette\u00a0Y, Fomin\u00a0VV (2008) Exploring the suitability of IS security management standards for SMEs. In: Hawaii International Conference on System Sciences (HICSS) Waikoloa, Big Island Hawaii, S\u00a01\u201310"},{"key":"612_CR2","volume-title":"IT Governance: Das Taschenbuch basierend auf COBIT","author":"K Brand","year":"2005","unstructured":"Brand\u00a0K, Boonen\u00a0H (2005) IT Governance: Das Taschenbuch basierend auf COBIT. Van Haren, Zaltbommel"},{"key":"612_CR3","volume-title":"Studie IT-Trends 2016. Digitalisierung ohne Innovation","author":"Capgemini","year":"2016","unstructured":"Capgemini (2016) Studie IT-Trends 2016. Digitalisierung ohne Innovation. Capgemini Consulting, Paris"},{"key":"612_CR4","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-8349-3988-3","volume-title":"IT Compliance in der Corporate Governance. Anforderungen und Umsetzung","author":"M Falk","year":"2012","unstructured":"Falk\u00a0M (2012) IT Compliance in der Corporate Governance. Anforderungen und Umsetzung. Springer, Wiesbaden"},{"key":"612_CR5","volume-title":"Studie Compliance im Mittelstand","author":"S Gr\u00fcninger","year":"2014","unstructured":"Gr\u00fcninger\u00a0S, Sch\u00f6ttl\u00a0L, Quintus\u00a0S (2014) Studie Compliance im Mittelstand. HTWG Konstanz, Konstanz"},{"key":"612_CR6","volume-title":"IT Governance. Modelle zur Umsetzung und Pr\u00fcfung","author":"J Heschl","year":"2005","unstructured":"Heschl\u00a0J, Middelhoff\u00a0D (2005) IT Governance. Modelle zur Umsetzung und Pr\u00fcfung. Books on Demand GmbH, Norderstedt"},{"key":"612_CR14","volume-title":"Referenzmodelle f\u00fcr IT Governance. Strategische Effektivit\u00e4t und Effizienz mit COBIT, ITIL & Co","author":"W Johannsen","year":"2007","unstructured":"Johannsen\u00a0W, Goeken\u00a0M (2007) Referenzmodelle f\u00fcr IT Governance. Strategische Effektivit\u00e4t und Effizienz mit COBIT, ITIL & Co. Dpunkt, Heidelberg"},{"issue":"5","key":"612_CR7","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1007\/BF03340623","volume":"48","author":"D Kardel","year":"2011","unstructured":"Kardel\u00a0D (2011) IT-Sicherheitsmanagement in KMU. HMD 48(5):44\u201351","journal-title":"HMD"},{"issue":"9","key":"612_CR8","first-page":"5","volume":"4","author":"M Klotz","year":"2009","unstructured":"Klotz\u00a0M (2009) Facetten der IT-Compliance. IT-Serv Manag 4(9):5\u20138","journal-title":"IT-Serv Manag"},{"key":"612_CR9","series-title":"SIMAT Arbeitspapiere 03\/2011","volume-title":"Regelwerke der IT-Compliance \u2013 Klassifikation und \u00dcbersicht Teil 1: Rechtliche Regelwerke","author":"M Klotz","year":"2011","unstructured":"Klotz\u00a0M (2011) Regelwerke der IT-Compliance \u2013 Klassifikation und \u00dcbersicht Teil\u00a01: Rechtliche Regelwerke. SIMAT Stralsund Information Management Team, Fachhochschule Stralsund, No. 03-11-011, Stralsund. http:\/\/nbn-resolving.de\/urn:nbn:de:0226-simat03110110"},{"issue":"1","key":"612_CR10","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1365\/s40702-017-0287-4","volume":"54","author":"M Knoll","year":"2017","unstructured":"Knoll\u00a0M (2017) IT-Risikomanagement im Zeitalter der Digitalisierung. HMD 54(1):4\u201320","journal-title":"HMD"},{"key":"612_CR11","first-page":"1706","volume-title":"Multikonferenz Wirtschaftsinformatik (MKWI)","author":"E Kolek","year":"2018","unstructured":"Kolek\u00a0E (2018) IT Sicherheit der Digitalisierung in Kleinen und Mittleren Unternehmen: Eine literaturbasierte und empirische Studie von Effekten und Barrieren. In: Multikonferenz Wirtschaftsinformatik (MKWI), S\u00a01706\u20131717"},{"key":"612_CR12","unstructured":"Kronschnabl S (2010) Vorstellung der Studienergebnisse: IT-Sicherheitsstandards und IT-Compliance. https:\/\/www.bsi.bund.de\/SharedDocs\/Downloads\/DE\/BSI\/Veranstaltungen\/Grundschutz\/3GS_Tag_2010\/IBI_Kronschnabel.pdf?__blob=publicationFile&v=1. Zugegriffen: 30. Okt. 2019"},{"issue":"4","key":"612_CR15","doi-asserted-by":"publisher","first-page":"301","DOI":"10.1007\/s12599-017-0484-2","volume":"59","author":"C Legner","year":"2017","unstructured":"Legner\u00a0C, Eymann\u00a0T, Hess\u00a0T, Matt\u00a0C, B\u00f6hmann\u00a0T, Drews\u00a0P, M\u00e4dche\u00a0A, Urbach\u00a0N, Ahlemann\u00a0F (2017) Digitalization: opportunity and challenge for the business and information systems engineering community. Bus Inf Syst Eng 59(4):301\u2013308","journal-title":"Bus Inf Syst Eng"},{"key":"612_CR13","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1365\/s40702-015-0197-2","volume":"53","author":"C Ley","year":"2016","unstructured":"Ley\u00a0C, Bley\u00a0K (2016) Digitalisierung: Chance oder Risiko f\u00fcr den deutschen Mittelstand? \u2013 Eine Studie ausgew\u00e4hlter Unternehmen. HMD 53:29\u201341","journal-title":"HMD"},{"issue":"5","key":"612_CR16","doi-asserted-by":"publisher","first-page":"1065","DOI":"10.1365\/s40702-018-0425-7","volume":"55","author":"D Lindner","year":"2018","unstructured":"Lindner\u00a0D, Ludwig\u00a0T, Amberg\u00a0M (2018) Arbeit 4.0 \u2013 Konzepte f\u00fcr eine neue Arbeitsgestaltung in KMU. HMD 55(5):1065\u20131085","journal-title":"HMD"},{"key":"612_CR17","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1365\/s40702-015-0200-y","volume":"53","author":"T Ludwig","year":"2016","unstructured":"Ludwig\u00a0T, Kotthaus\u00a0C, Stein\u00a0M, Durt\u00a0H, Kurz\u00a0C, Wenz\u00a0J, Doublet\u00a0T, Becker\u00a0M, Pipek\u00a0V, Wulf\u00a0V (2016) Arbeiten im Mittelstand 4.0-KMU im Spannungsfeld des digitalen Wandels. HMD 53:71\u201386","journal-title":"HMD"},{"issue":"2","key":"612_CR18","doi-asserted-by":"publisher","first-page":"86","DOI":"10.1007\/BF03340685","volume":"49","author":"M Nilles","year":"2012","unstructured":"Nilles\u00a0M, Senger\u00a0E (2012) Nachhaltiges IT-Management im Konzern \u2013 von den Unternehmenszielen zur Leistungserbringung in der IT. HMD 49(2):86\u201396","journal-title":"HMD"},{"issue":"1","key":"612_CR19","first-page":"31","volume":"6","author":"S Paulus","year":"2011","unstructured":"Paulus\u00a0S (2011) Outsourcing von GRC-Aufgaben im Mittelstand. Risk Fraud Compliance 6(1):31\u201335","journal-title":"Risk Fraud Compliance"},{"issue":"5","key":"612_CR20","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/BF03341251","volume":"45","author":"G Sch\u00e4fer","year":"2008","unstructured":"Sch\u00e4fer\u00a0G, Strolz\u00a0G, Hertweck\u00a0D (2008) IT Compliance im Mittelstand. HMD 45(5):69\u201377","journal-title":"HMD"},{"issue":"4","key":"612_CR22","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/BF03340832","volume":"50","author":"A Strasser","year":"2013","unstructured":"Strasser\u00a0A, Wittek\u00a0M (2013) Dienstleistungsspektrum der IT Compliance. HMD 50(4):33\u201341","journal-title":"HMD"},{"issue":"1","key":"612_CR21","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/s00287-011-0584-1","volume":"35","author":"A Strasser","year":"2012","unstructured":"Strasser A, Wittek M (2012) IT Compliance. Informatik Spektrum 35(1):39\u201344","journal-title":"Informatik Spektrum"},{"issue":"2","key":"612_CR23","doi-asserted-by":"publisher","first-page":"271","DOI":"10.1365\/s40702-018-0395-9","volume":"55","author":"A Uhl","year":"2018","unstructured":"Uhl\u00a0A, Heinrich\u00a0P, G\u00fcnthner\u00a0R (2018) IoT-basierte Gesch\u00e4ftsmodelle f\u00fcr den Schweizer Mittelstand \u2013 Konzepte f\u00fcr die digitale Zukunft. HMD 55(2):271\u2013283","journal-title":"HMD"},{"issue":"2","key":"612_CR24","first-page":"xiii","volume":"26","author":"J Webster","year":"2002","unstructured":"Webster\u00a0J, Watson\u00a0R (2002) Analyzing the past to prepare for the future:writing a\u00a0literature review. MISQ 26(2):xiii\u2013xxiii","journal-title":"MISQ"},{"key":"612_CR25","volume-title":"IT governance: how top performers manage IT decision rights for superior results","author":"P Weill","year":"2004","unstructured":"Weill\u00a0P, Ross\u00a0J (2004) IT governance: how top performers manage IT decision rights for superior results. Harvard Business School Press, Boston"},{"key":"612_CR26","first-page":"52","volume":"5","author":"A Weiss","year":"2016","unstructured":"Weiss\u00a0A (2016) Ohne Cloud ist das Scheitern der KMU vorprogrammiert. Wirtschaftsinform Manag 5:52\u201354","journal-title":"Wirtschaftsinform Manag"},{"issue":"2","key":"612_CR27","doi-asserted-by":"publisher","first-page":"200","DOI":"10.1365\/s40702-016-0212-2","volume":"53","author":"V Zeller","year":"2016","unstructured":"Zeller\u00a0V, Hoffmann\u00a0J, Gruber\u00a0M, Schuh\u00a0G (2016) GradeIT \u2013 Prozessqualit\u00e4t bei kleinen und mittleren IT-Service-Providern. HMD 53(2):200\u2013212","journal-title":"HMD"},{"key":"612_CR28","volume-title":"Unternehmensbefragung 2017 \u2013 Digitalisierung der Wirtschaft: breite Basis, vielf\u00e4ltige Hemmnisse","author":"V Zimmermann","year":"2017","unstructured":"Zimmermann\u00a0V (2017) Unternehmensbefragung 2017 \u2013 Digitalisierung der Wirtschaft: breite Basis, vielf\u00e4ltige Hemmnisse. Kfw Bankengruppe, Frankfurt"}],"container-title":["HMD Praxis der Wirtschaftsinformatik"],"original-title":[],"language":"de","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1365\/s40702-020-00612-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1365\/s40702-020-00612-z\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1365\/s40702-020-00612-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,23]],"date-time":"2021-04-23T23:06:36Z","timestamp":1619219196000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1365\/s40702-020-00612-z"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,4,24]]},"references-count":28,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2020,10]]}},"alternative-id":["612"],"URL":"https:\/\/doi.org\/10.1365\/s40702-020-00612-z","relation":{},"ISSN":["1436-3011","2198-2775"],"issn-type":[{"type":"print","value":"1436-3011"},{"type":"electronic","value":"2198-2775"}],"subject":[],"published":{"date-parts":[[2020,4,24]]},"assertion":[{"value":"1 November 2019","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"9 March 2020","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"28 March 2020","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 April 2020","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}