Managing Information Security Risk Using Integrated Governance Risk and Compliance
Recognizing and utilizing IT innovations are essential activities to maintain and strengthen the competitiveness of companies. The IT in companies has the opportunity to change its own role towards a business enabler and driver by establishing a systematic IT innovation management. Existing frameworks and models for IT governance and IT management do not adequately describe how a systematic IT innovation management should be structured and integrated with other tasks and processes. We conducted a qualitative empirical study, which shows that this requirement is also seen as important in practice. Based on the results of this study and by drawing on relevant findings from the literature, we developed a concept for integrating IT innovation management into business IT management. This new function is described along the dimensions of its role, tasks, processes, methods and its integration with other areas such as enterprise architecture management, IT strategy and project portfolio management.