Loading...

Media is loading
 

Description

Fraud, particularly cybercrime, is an emerging worldwide risk. Despite this, the risk of fraud appears underestimated in discussions of fraud mitigation and risk management in the context of SMEs. This multivocal literature review discusses ways of minimizing fraud for SMEs and IT-supported concepts that are currently proposed in literature. The present review shows that existing concepts often focus on specific or internal fraud risks and organizational countermeasures, but rarely cover newer fraud risks or suggest IT-supported measures to reduce the risk of fraud for SMEs. However, some IT security approaches have been proposed to mitigate fraud, but the area of internal control concepts of compliance and governance appears unconnected to IS approaches. This review identifies a lack of integrated fraud-management concepts, which is surprising due to the omnipresence of ICT, it found limitations in existing concepts and suggests areas for future IS research and academic discussion.

Share

COinS
 
Jan 17th, 12:00 AM

IT-based Fraud Management Approaches in Small and Medium Enterprises – A Multivocal Literature Review

Fraud, particularly cybercrime, is an emerging worldwide risk. Despite this, the risk of fraud appears underestimated in discussions of fraud mitigation and risk management in the context of SMEs. This multivocal literature review discusses ways of minimizing fraud for SMEs and IT-supported concepts that are currently proposed in literature. The present review shows that existing concepts often focus on specific or internal fraud risks and organizational countermeasures, but rarely cover newer fraud risks or suggest IT-supported measures to reduce the risk of fraud for SMEs. However, some IT security approaches have been proposed to mitigate fraud, but the area of internal control concepts of compliance and governance appears unconnected to IS approaches. This review identifies a lack of integrated fraud-management concepts, which is surprising due to the omnipresence of ICT, it found limitations in existing concepts and suggests areas for future IS research and academic discussion.