|Keywords:||Enterprise Resource Planning, Mobile technology, ERP mobility, Risk management, IT audit, Control framework|
|Full text PDF:||http://dspace.library.uu.nl:8080/handle/1874/311173|
The goal of this thesis was to investigate the impact of integrating mobile technology as an extension to existing and more traditional Enterprise Resource Planning (ERP) systems. A process was initiated to identify new risks that arise from the integration between back-end system and mobile device, and also to evaluate existing risks that might be altered or amplified due to mobility. Subsequently, controls were defined that cover the threat landscape and risks relevant to a M-ERP solution. Together, these two components (risks and controls) compose the essential elements for the main artifact developed in this thesis: a control framework that can be used to gain insight in the risks involved with ERP mobility as well as ways to mitigate those risks. The framework can be used by (IT) auditors in their day-to-day activities, as well as by responsible individuals in organizations who have adopted a form of ERP mobility themselves, to control risks they encounter due to mobility.