Integrity, Internal Control and Security in Information Systems

IT Governance is finally getting the Board's and top management's attention. The value that IT needs to return and the associated risks that need to be managed, have become so important in many industries that enterprise survival depends on it. Information integrity is a significant part of the IT Governance challenge. Among other things, this conference will explore how Information Integrity contributes to the overall control and governance frameworks that enterprises need to put in place for IT to deliver business value and for corporate officers to be comfortable about the IT risks the enterprise faces. The goals for this international working conference are to find answers to the following questions: what precisely do business managers need in order to have confidence in the integrity of their information systems and their data; what is the status quo of research and development in this area; where are the gaps between business needs on the one hand and research I development on the other; what needs to be done to bridge these gaps. The contributions have been divided in the following sections: Refereed papers. These are papers that have been selected through a blind refereeing process by an international programme committee. Invited papers. Well known experts present practice and research papers upon invitation by the programme committee. Tutorial. Two papers describe the background, status quo and future development of CobiT as well as a case of an implementation of Co biT.