Compliance has become a strategic concern for many companies and organizations. To prove actual compliance, the organization must disclose itself (be auditable). A plethora of advanced tools has been developed to support compliance management and auditing processes. However, not all organizations are the same. To apply these tools effectively and efficiently, the organization itself and the maturity of its management control should be considered as well. The goal of this exploratory paper is to define auditability on a general conceptual level. We introduce four levels of auditability, where each level adds to the self-knowledge and being-in-control of the organization.
|Title of host publication||Proceedings of the CAiSE'13 Forum at the 25th International Conference on Advanced Information Systems Engineering|
|Editors||R. Deneckere, H. Proper|
|Place of Publication||Aachen, Germany|
|Publisher||CEUR Workshop Proceedings|
|Publication status||Published - 2013|