Publication type: Conference paper
Type of review: Peer review (publication)
Title: IT governance and its spread in Swiss hospitals
Authors: Krey, Mike
Harriehausen, Bettina
Knoll, Matthias
Furnell, Steven
Proceedings: Proceedings of the IADIS International Conference on e-Health 2010
Editors of the parent work: Macedo, Mário
Pages: 52
Pages to: 60
Conference details: 2nd International Conference on e-Health (part of the IADIS Multi Conference on Computer Science and Information Systems 2010), Freiburg, 29-31 July 2010
Issue Date: 2010
Publisher / Ed. Institution: International Association for the Development of the Information Society (IADIS) Press
ISBN: 978-972-8939-16-8
Language: English
Subjects: GRC; IT; Governance; ITIL; IT Management; Survey; Healthcare
Subject (DDC): 004: Computer science
362.11: Hospitals and related institutions
Abstract: Governance, Risk Management and Compliance (GRC) is an executive level concern in many enterprises today. It is an approach that addresses not only the establishment of business rules but more importantly how those rules are integrated into sensible organizational structures, embedded into the day-to-day business processes of the organization, communicated including ongoing training and monitored for compliance. In the first section of this paper, different focus areas for the GRC approach have been derived. The successful application of IT governance principles can provide a mechanism to increase the effectiveness of IT and, in turn, meet the increasingly high demands from business for IT. The purpose of a survey with several Swiss hospital CIOs was to reach members of the IT management to determine their sense of priority and actions taken relative to IT governance, as well as their need for tools and services to help ensure effective IT governance. This survey aims to give an overview of the common IT governance models already used in the healthcare sector and attempts to answer the question if they really meet the requirements of the healthcare sector as a complex and heterogeneous economic sector. To accomplish these aims, a maturity model has been developed to measure the extent to which the different GRC focus areas based on the Control Objectives for Information and related Technology (CobiT) Maturity Model have been selected and how they have been perceived.
Fulltext version: Published version
License (according to publishing contract): Licence according to publishing contract
Departement: School of Management and Law
Organisational Unit: Institute of Business Information Technology (IWI)
Appears in collections:Publikationen School of Management and Law

Files in This Item:
There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.