4th International Workshop on Current Information Security and Compliance Issues in Information Systems Research (CIISR 2024)

Description

Companies today face the tension between realizing the possibilities of advanced digitalization, complying with legal regulations, and securing information assets in the context of the growing connectivity of people, data, and things. However, an effective compliance, risk, and security strategy, and the appropriate implementation of corresponding measures have become indispensable not only in business environments but also in other types of organizations as well as in academia.

Due to current developments in the field of artificial intelligence (AI) and the rapid spread of large language models such as ChatGPT, voices are increasingly being raised that see a need to regulate the use of AI and focus more strongly on security aspects. One example is a draft for a new EU regulation, the so-called AI Act, which proposes „harmonized regulations for artificial intelligence“ and thus once again gives new impetus to the topics of compliance and (information) security in information systems research (ISR). Consequently, in addition to traditional research streams such as information security management and business process compliance, there are also new streams dealing with information security and compliance, such as data-driven initiatives at the interface with ISR.

The 4th International Workshop on Current Information Security and Compliance Issues in Information Systems Research (CIISR 2024) provides a platform for all topics related to information security and compliance that are part of the ISR discipline or have interfaces with it. The workshop will take place on September 16, 2023, in conjunction with the 19th International Conference on Wirtschaftsinformatik (WI 2024). Based on the main theme of the conference, we will discuss current issues, which are of great importance for ISR in an ever-increasing digitalization.

This workshop provides the opportunity for (senior) researchers and practitioners to present and discuss their latest research, but also serves as a forum for young scientists and doctoral students to present early or ongoing research results.

We invite three specific types of papers (English only):

  • (1) Full papers (research papers/practical reports): This submission type includes both advanced research with at least partial evaluation and comprehensive practical contributions.
  • (2) Short papers (research in progress papers/short practical reports): Short papers represent ongoing research or ongoing practical projects. In addition to presenting initial results, these papers should also contain an outlook on further research or on further project progress, including planned future work steps.
  • (3) Extended abstracts: Extended abstracts present and discuss high-quality results of already published journal contributions (or dissertations/postdoctoral theses) with relevance to the workshop topic. The republication of conference papers is not permitted.

In terms of length requirements, we follow the official WI 2024 guidelines for short and long papers.

Topics

We cordially invite authors to submit and present full papers, short papers, or extended abstracts relevant to the workshop topic. We welcome practical contributions, empirical studies, systematic literature analyses, as well as research papers following the design science research paradigm. The topics of interest include, but are not limited to:

  • Information security policy compliance (ISPC)
    • Effectiveness of information security management standards
    • Security education training and awareness (SETA)
    • Handling of data breaches
  • Information security and compliance related to data-driven approaches at the interface with ISR
    • Regulatory, moral, and ethical aspects of using AI in information systems
    • The role of compliance and information security in data science applications and projects
  • Ensuring business process compliance/security
    • Business process compliance/security in the context of outsourcing or in consideration of economic/social factors
    • Information security and compliance issues related to process mining
  • Current issues of IT compliance
    • Impact of current IT-related legal regulations (e.g., the Digital Operational Resilience Act (DORA), the General Data Protection Regulation (GDPR), the draft of the AI Act, and other) on the operations of companies and/or (governmental) institutions.
  • Information security and compliance issues related to current crises (e.g., the climate crisis)

Contributions addressing other workshop-relevant topics are also welcome. For the latest information on the CIISR workshop, please visit the official workshop website:

CIISR Website

For further questions concerning the workshop or submissions, please contact Stephan Kühnel (stephan.kuehnel@wiwi.uni-halle.de).

Registration is required and will be available via Conftool.

Target Group

The target group of the CIISR workshop includes academics whose research focus is on current information security and compliance issues, practitioners working in the fields of information security and/or compliance, and all other interested parties.

Interested participants can also register for participation in the workshop without submitting a contribution.

Verantwortliche Organisatoren

  • Dr. Stephan Kühnel
    Chair for Information Systems, esp. Business Information Management
    Martin Luther University Halle-Wittenberg
    Universitaetsring 3, 06108 Halle (Saale), Germany
    Email: stephan.kuehnel@wiwi.uni-halle.d
  • Dr. Ilja Nastjuk
    Chair for Information Security and Compliance
    Georg August University of Goettingen
    Platz der Goettinger Sieben 5, 37073 Goettingen, Germany
    Email: ilja.nastjuk@uni-goettingen.de
  • Prof. Dr. Stefan Sackmann
    Chair for Information Systems, esp. Business Information Management
    Martin Luther University Halle-Wittenberg
    Universitaetsring 3, 06108 Halle (Saale), Germany
    Email: stefan.sackmann@wiwi.uni-halle.de
  • Prof. Dr. Simon Trang
    Chair for Information Systems, esp. Sustainability
    Paderborn University
    Warburger Straße 100, 33098 Paderborn, Germany
    Email: simon.trang@uni-paderborn.de
    Chair for Information Security and Compliance
    Georg August University of Goettingen
    Platz der Goettinger Sieben 5, 37073 Goettingen, Germany
    Email: simon.trang@wiwi.uni-goettingen.de