Regulatory compliance in information systems research - Literature analysis and research agenda

Lecture Notes in Business Information Processing

Volumn 29 LNBIP, Issue , 2009, Pages 174-186

  Cleven, Anne ^a   Winter, Robert ^a  

^a UNIVERSITY OF ST GALLEN   (Switzerland)

Author keywords

Compliance; Information systems research; Literature analysis; Regulations

Indexed keywords

COMPUTER SUPPORTED COOPERATIVE WORK; REGULATORY COMPLIANCE; RESEARCH;

ANALYSIS AND DESIGN; COMPLIANCE; CORPORATE CULTURE; DATA FLOW; GOVERNANCE STRUCTURES; INTEGRATED DESIGNS; LITERATURE ANALYSIS; REGULATIONS; RELEVANT COMPONENTS; RESEARCH AGENDA; SOFTWARE SYSTEMS;

INFORMATION SYSTEMS;

EID: 67249117350     PISSN: 18651348     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-3-642-01862-6_15     Document Type: Conference Paper

References (37)

1. Aier, S., Kurpjuweit, S., Saat, J., Winter, R.: Business Engineering Navigator - A Business to IT Approach to Enterprise Architecture Management. In: Bernard, S., Doucet, G., G0tze, J., Saha, P. (eds.) Coherency Management - Architecting the Enterprise for Alignment, Agility, and Assurance Ed. (2009)
2. Braganza, A., Desouza, K.C.: Implementing Section 404 of the Sarbanes Oxley Act: Recommendations for Information Systems Organizations. Communications of the Association for Information Systems 18, 464-487 (2006)
3. Braganza, A., Franken, A.: SOX, Compliance, and Power Relationships. Communications of the ACM 50(9), 97-102 (2007)
4. Braganza, A., Hackney, R.: Diffusing Management Information for Legal Compliance: the Role of the IS Organization within the Sarbanes-Oxley Act. Journal of Organizational and End User Computing 20, 1-24 (2008)
5. Breaux, T.D., Antón, A.I.: Analyzing Regulatory Rules for Privacy and Security Requirements. IEEE Transactions on Software Engineering 34(1), 5-20 (2008)
6. Brown, A.E., Grant, G.G.: Framing the Frameworks: A Review of IT Governance Research. Communications of the Association for Information Systems 15, 696-712 (2005)
7. Butler, T., McGovern, D.: Adoption IT to Manage Compliance and Risks: An Institutional Perspective. In: Proceedings of the 16th European Conference on Information Systems (ECIS), Galway, Ireland, pp. 1034-1045 (2008)
8. Coglianese, C.: Information Technology and Regulatory Policy: New Directions for Digital Government Research. Social Science Computer Review 22(1), 85-91 (2004)
9. Cooper, H.M.: Organizing knowledge syntheses: A taxonomy of literature reviews. Knowledge in Society 1, 104-126 (1988)
10. Currie, W.: Institutionalization of IT Compliance: A Longitudinal Study. In: Proceedings of the 29th International Conference on Information Systems (ICIS), Paris, France (2008)
11. Fisher, J., Harindranath, G.: Regulation as a barrier to electronic commerce in Europe: the case of the European fund management industry. European Journal of Information Systems 13, 260-272 (2004)
12. Goldschmidt, P.: Managing the false alarms: A framework for assurance and verification of surveillance monitoring. Information Systems Frontiers 9(5), 541-556 (2007)
13. Hall, J.A., Liedtka, S.L., Gupta, P., Liedtka, J., Tompkins, S.: The Sarbanes-Oxley Act: Implications for Large-Scale IT-Outsourcing. Communications of the ACM 50(3), 95-100 (2007)
14. Hu, Q., Hart, P., Cooke, D.: The Role of External and Internal Influences on Information Systems Security - A Neo-Institutional Perspective. Journal of Strategic Information Systems 16, 153-172 (2007)
15. IEEE: IEEE Recommended Practice for Architectural Description of Software Intensive Systems (IEEE Std 1471-2000). IEEE Computer Society, New York (2000)
16. Kim, H.M., Fox, M.S., Sengupta, A.: How To Build Enterprise Data Models To Achieve Compliance To Standards Or Regulatory Requirements (and share data). Journal of the Association of Information Systems 8(2), 105-128 (2007)
17. Ma, Q., Pearson, J.M.: ISO 17799: Best Practices in Information Security Management? Communications of the Association for Information Systems 15, 577-591 (2005)
18. Matsuura, J.H.: An Overview of Leading Current Legal Issues Affecting Information Technology Professionals. Information Systems Frontiers 6(2), 153-160 (2004)
19. Merhout, J.W., Havelka, D.: Information Technology Auditing: A Value-Added IT Governance Partnership between IT Management and Audit. Communications of the Association for Information Systems 23, 463-182 (2008)
20. Mishra, S., Weistroffer, H.R.: A Framework for Integrating Sarbanes-Oxley Compliance into the Systems Development Process. Communications of the Association for Information Systems 20, 712-727 (2007)
21. Opengroup: TOGAF Enterprise Edition Version 8.1. The Open Group (2003)
22. Österle, H., Winter, R.: Business Engineering - Auf dem Weg zum Unternehmen des In- formationszeitalters. In: Osterle, H., Winter, R. (eds.) Business Engineering, 2nd edn., pp. 3-19. Springer, Berlin (2003)
23. Panko, R.R.: Spreadsheets and Sarbanes-Oxley: Regulations, Risks, and Control Frameworks. Communications of the Association for Information Systems 17, 647-676 (2006)
24. Raghupathi, W.R.: Corporate Governance of IT: A Framework for Development. Communications of the ACM 50(8), 94-99 (2007)
25. Schekkerman, J.: How to Survive in the Jungle of Enterprise Architecture Frameworks: Creating or Choosing an Enterprise Architecture Framework. Trafford Publishing, Victoria (2004)
26. Schwaig, K.S., Kane, G.C., Storey, V.C.: Compliance to the Fair Information Practices: How are the Fortune 500 handling Online Privacy Disclosures? Information & Management 43(7), 805-820 (2006)
27. Schwerha IV, J.J.: Cybercrime: Legal Standards Governing the Collection of Digital Evidence. Information Systems Frontiers 6(2), 133-151 (2004)
28. Securities Industry Association, C., Legal, D.: The Role of Compliance. Journal of Investment Compliance 6(3), 4-22 (2005)
29. Setiono, R., Mues, C., Baesens, B.: Risk Management and Regulatory Compliance: A Data Mining Framework Based on Neural Network Rule Extraction. In: Proceedings of the 27th International Conference on Information Systems (ICIS), Paris, France (2006)
30. Smith, H.A., McKeen, J.D.: Developments In Practice XXI: IT in the New World of Corporate Governance Reforms. Communications of the Association for Information Systems 17, 714-727 (2006)
31. Taylor, C.: The Evolution of Compliance. Journal of Investment Compliance 6(4), 54-58 (2005)
32. Tyler, T., Dienhart, J., Thomas, T.: The Ethical Commitment to Compliance: Buildung Value-Based Cultures. California Management Review 50(2), 31-51 (2008)
33. Volonino, L., Gessner, G.H., Kermis, G.F.: Holistic Compliance with Sarbanes-Oxley. Communications of the Association for Information Systems 14, 219-233 (2004)
34. Wagner, S., Dittmar, L.: The Unexpected Benefits of Sarbanes-Oxley. Harvard Business Review 84(4), 133-140 (2006)
35. Willcocks, L., Whitley, E.A., Avgerou, C.: The ranking of top IS journals: a perspective from the London School of Economics. European Journal of Information Systems 17, 163-168(2008)
36. Winter, R.: Design Science Research in Europe. European Journal of Information Systems 17, 470-475 (2008)
37. Winter, R., Fischer, R.: Essential Layers, Artifacts, and Dependencies of Enterprise Architecture. In: Society, I.C. (ed.) Proceedings of the EDOC Workshop on Trends in Enterprise Architecture Research (TEAR 2006). IEEE Computer Society, Los Alamitos (2006)