CIISR2021 becomes virtual!

The COVID-19 pandemic is known to force many conferences to become virtual. Unfortunately, this trend did not stop even before the 16th International Conference on Wirtschaftsinformatik (WI2021). Therefore, in line with the WI2021, the CIISR workshop will also become entirely virtual!

Content Description of CIISR

„Compliance“ refers to rule adherence, i.e., acting in accordance with applicable rules originating from various sources, including laws, standards, contracts, guidelines, etc. [1, 2]. Compliance has been a relevant topic in Information Systems Research (ISR) for several decades, whose initial focus was primarily on the (semi-)automated support in ensuring and validating rule conformity [3–5].

The First International Workshop on Current Compliance Issues in Information Systems Research (CIISR 2021) will occur on March 9th, 2021 in conjunction with the 16th International Conference on Wirtschaftsinformatik (WI2021). Based on the conference’s central theme–  „Innovation through Information Systems – WI as a trend-setting science“ –the workshop will discuss current compliance issues with high relevance to the ISR area.

Nowadays, compliance is approached from a variety of different perspectives. For instance, as part of information security management, it is examined which operational compliance measures result in desired employee behavior [6, 7]. In the context of cloud computing, for instance, it is examined how compliance with service level agreements can be ensured in hybrid cloud architectures [8, 9]. In the context of business process management, for instance, it is examined how the compliance of business processes can be ensured sustainably and economically in digitalized and electronic markets [10–12]. These and many other current aspects of compliance are discussed at the CIISR workshop. The workshop offers scientists, practitioners and further interested parties a basic program including three speeches on current compliance issues in information security, cloud computing, and business process management. Furthermore, we cordially invite you to submit and present your completed research papers, short papers, or extended abstracts relevant to the workshop topic. We welcome practical contributions, empirical studies, systematic literature analyses, as well as research papers following the design science research paradigm.

The topics of interest include, but are not limited to:

  • Ensuring compliance with information security policies
    • Management of data breaches
    • Effectiveness of information security management standards
    • Information security under consideration of social factors or in cross-organizational contexts
  • Compliance issues in cloud contexts
    • Ensuring compliance despite the use of hybrid clouds
    • Compliance with service level agreements and qualities of service
  •  Ensuring business process compliance
    • Business process compliance in the context of outsourcing or in consideration of economic/social factors
    • Compliance issues related to process mining
  • Current issues of IT compliance
    • The influence of current IT-related legal regulations (e.g. the General Data Protection Regulation (GDPR), the second Payment Services Directive (PSD2), etc.) on the operations of companies, (government) institutions, …
    • IT compliance and nudging
  • The investigation of compliance issues related to the COVID-19 pandemic in the ISR sector
  •  …

Contributions addressing other workshop-relevant topics are also welcome.

For general questions concerning the workshop or submissions, please contact Dr. Stephan Kühnel ( We look forward to your submissions and your participation!    

Kind regards,     
Stephan Kühnel, Stefan Sackmann, and Simon Trang

Format of CIISR

The CIISR workshop comprises a total of 3 sessions, each of which is introduced by a speech addressing a current compliance issue. The speeches deal with current challenges in information security compliance, compliance in the context of clouds, and business process compliance representing the basic workshop program. The remaining slots of the sessions are available for presentations of practical contributions and research results from submissions. 

The target group of the CIISR workshop includes academics whose research focus is on current compliance issues, practitioners working in the field of compliance, and all other interested parties. On the one hand, the workshop serves to discuss current trends and new research results by and with (senior) representatives from science and practice. On the other hand, the workshop aims to give young scientists and doctoral students the opportunity to present early research results.           
Interested participants can also register for participation in the workshop without submitting a contribution. We intend to hold the CIISR workshop as a face-to-face event. However, in case it is not possible to conduct the workshop on site due to the COVID-19 pandemic, we will offer a fully digital workshop.

Submission Types, Submission Instructions, and Formalities

We welcome submissions to the CIISR workshop on the above-mentioned topics written in English. For this purpose, we offer three submission types:

(1) Completed research papers/complete practical reports
This submission type includes both advanced research with at least partial evaluation and comprehensive practical contributions.

(2) Short papers (research in progress papers/short practical reports)
Short papers represent ongoing research or ongoing practical projects. In addition to presenting initial results, these papers should also contain an outlook on further research or further project progress, including planned future work steps

(3) Extended abstracts
Extended abstracts present and discuss high-quality results of already published contributions (or dissertations/postdoctoral theses) with relevance to the workshop topic.

Completed research contributions and complete practical reports must not exceed 12 pages, short papers must not exceed 6 pages, and extended abstracts must not exceed 4 pages, including title, abstract, bibliography, author details, and acknowledgments. Possible appendices are not included in the pagination.

When formatting your submissions, please use the official WI2021 template.

Please submit your articles directly via the ConfTool of the WI2021:

If you do not yet have an account, you first have to register for the ConfTool of the WI2021. Already registered users can log in directly, then press „Your Submissions“ and finally select the CIISR Workshop.

If you have problems submitting your contribution via ConfTool, you can alternatively submit it directly via email to, respecting the submission deadline!

Except for extended abstracts, the submission of contributions must be made in anonymized form, i.e., all information that would allow the authors to be identified must be removed or blinded (e.g., author names, citations of preliminary works, project names). Each submission will be reviewed double-blind. The authors‘ information will be added after the acceptance notification. 

All accepted contributions will be published in an open-access workshop volume and must be presented and discussed by at least one author during the CIISR workshop. Short papers and extended abstracts will have a presentation time of about 15 minutes and a discussion time of about 5 minutes. Completed research papers and complete practical reports will have a presentation time of about 20 minutes and a discussion time of about 15 minutes.

Deadlines (extended)

Deadline for submissions (extended): January 8th, 2021 (midnight CET) 
January 15th, 2021 (midnight CET) 
Notification of acceptance (extended):February 5th, 2021
February 12th, 2021 
Final paper submission (extended):February 19th, 2021
February 26th, 2021
Workshop date:March 9th, 2021          

Workshop Schedule

Session 113:0014:30
Opening13:0013:05Stephan KühnelWorkshop Opening
Kick-off Speech13:1013:35Stefan Sackmann,
Simon Trang,
Stephan Kühnel
Kick-off Speech
Presentation 113:4014:15Michael Seifert„Analysis of Public Cloud Service Level Agreements – An Evaluation of Leading Software as a Service Providers“
Open Discussions14:1514:30all participantsTime for open discussions
Coffee Break 114:3015:00
Session 215:0016:30
Presentation 215:0015:35Mohammed Mubarkoot
Jörn Altmann
„Software Compliance across Industries: A Systematic Literature Review“
Presentation 315:4016:15Sebastian Hengstler,
Natalya Pryazhnykova
„Reviewing the Interrelation Between Information Security and Culture: Toward an Agenda for Future Research“
Open Discussions16:1516:30all participantsTime for open discussions
Coffee Break 216:3017:00
Session 317:0018:30
Presentation 417:0017:35Sebastian Hengstler„Culture Matters –  A Cross Cultural Examination of Information Security Behavior Theories“
Presentation 517:4018:00Tobias Seyffarth„MIA – A Method for Achieving Compliance in flexible and IT-supported Business Processes (Extended Abstract)“
Presentation 618:0518:25Anna FuchsDiscussion on „Checking Business Process Compliance in ERP Systems“
Get Together18:25open endall participantsGetting to know each other, discussing, and networking @

All mentioned times are recorded in Central European Time (CET), i.e., in Coordinated Universal Time (UTC) + 1h.

Workshop Organizers

Dr. Stephan Kühnel (main contact person)
Chair of Business Informatics, esp. Business Information Management
Institute for Information Systems and Operations Research    
Martin Luther University Halle-Wittenberg 
Universitaetsring 3, 06108 Halle (Saale), Germany

Prof. Dr. Stefan Sackmann
Chair of Business Informatics, esp. Business Information Management
Institute for Information Systems and Operations Research    
Martin Luther University Halle-Wittenberg 
Universitaetsring 3, 06108 Halle (Saale), Germany

Prof. Dr. Simon Trang
Chair for Information Security and Compliance       
Georg August University of Goettingen
Platz der Goettinger Sieben 5
37073 Goettingen, Germany         

Program Committee (to be extended)

  • Frank Teuteberg (Osnabrück University, Germany)
  • Nils Urbach (University of Bayreuth, Germany)
  • Michael Fellmann (University of Rostock, Germany)
  • Barbara Gallina (Mälardalen University, Sweden)
  • Nadine Guhr (Leibniz University Hannover, Germany)
  • Martin Schultz (HAW University of Applied Sciences Hamburg, Germany)
  • Simon Hacks (KTH Royal Institute of Technology Stockholm, Sweden)
  • Tobias Seyffarth (Martin Luther University Halle-Wittenberg, Germany)
  • Michael Seifert (GISA GmbH, Germany)

Web Chairs

  • Dr. Stephan Kühnel (Martin Luther University Halle-Wittenberg)
  • Sebastian Lindner, M.Sc. (Martin Luther University Halle-Wittenberg)


  1. Becker, J., Delfmann, P., Dietrich, H.-A., Steinhorst, M., Eggert, M.: Business Process Compliance Checking – Applying and Evaluating a generic Pattern Matching Approach for Conceptual Models in the Financial Sector. Information Systems Frontiers 18, pp. 359–405, (2016).
  2. Rinderle-Ma, S., Ly, L.T., Dadam, P.: Business Process Compliance (Aktuelles Schlagwort). EMISA Forum, pp. 24–29, (2008).
  3. Sackmann, S., Kuehnel, S., Seyffarth, T.: Using Business Process Compliance Approaches for Compliance Management with Regard to Digitization: Evidence from a Systematic Literature Review. In: Weske M., Montali M., Weber I., vom Brocke J. (eds) Business Process Management. BPM 2018. Lecture Notes in Computer Science, vol 11080. Springer, Cham, pp 409-425, (2018).
  4. Fellmann, M., Zasada, A.: State-of-the-art of Business Process Compliance Approaches: A Survey. Proceedings of the 22th European Conference on Information Systems (ECIS’14), pp. 1–17, (2014).
  5. Schultz, M.: Towards an Empirically Grounded Conceptual Model for Business Process Compliance. In: Ng W., Storey V.C., Trujillo J.C. (eds) Conceptual Modeling. ER 2013. Lecture Notes in Computer Science, vol 8217. Springer, Berlin, Heidelberg, pp 138-145, (2013).
  6. Trang, S., Brendel, B.: A Meta-Analysis of Deterrence Theory in Information Security Policy Compliance Research. Information Systems Frontiers 21, pp. 1265–1284, (2019).
  7. Lembcke, T.-B., Masuch, K., Trang, S., Hengstler, S., Plics, P., Pamuk, M.: Fostering Information Security Compliance: Comparing the Predictive Power of Social Learning Theory and Deterrence Theory. Americas Conference on Information Systems (AMCIS), (2019).
  8. Xiaoyong, Y., Ying, L., Tong, J., Tiancheng, L., Zhonghai, W.: An Analysis on Availability Commitment and Penalty in Cloud SLA. In: Computer Software and Applications Conference (COMPSAC), pp. 914–919, (2015).
  9. Morin, J.-H., Aubert, J., Gateau, B.: Towards Cloud Computing SLA Risk Management: Issues and Challenges. In: Sprague, R.H. (ed.) 45th Hawaii International Conference on System Sciences. (HICSS) ; USA, 4 – 7 Jan. 2012, pp. 5509–5514, (2012).
  10. Seyffarth, T., Kuehnel, S., Sackmann, S.: Business Process Compliance Despite Change: Towards Proposals for a Business Process Adaptation. In: Cappiello C., Ruiz M. (eds) Information Systems Engineering in Responsible Information Systems. CAiSE 2019. Lecture Notes in Business Information Processing, vol 350. Springer, Cham, pp. 227-239, (2019).
  11. Kuehnel, S., Trang, S., Lindner, S.: Conceptualization, Design, and Implementation of EconBPC – A Software Artifact for the Economic Analysis of Business Process Compliance. In: Laender A., Pernici B., Lim EP., de Oliveira J. (eds) Conceptual Modeling. ER 2019. Lecture Notes in Computer Science, vol 11788. Springer, Cham, pp. 378-386, (2019).
  12. Knuplesch, D., Reichert, M., Fdhila, W., Rinderle-Ma, S.: On Enabling Compliance of Cross-Organizational Business Processes, In: Daniel F., Wang J., Weber B. (eds) Business Process Management. Lecture Notes in Computer Science, vol 8094. Springer, Berlin, Heidelberg, pp. 146-154, (2013).