Like many other industries, small and medium IT enterprises (IT SMEs) find themselves challenged by globalization and digital transformation. This paper highlights the implications and challenges for IT SMEs in the area of IT security, compliance, and data governance. It describes
the secure and compliant integration of IT products and services of IT SMEs in order to enhance their relative competitive position against global players of the IT industry. The paper presents an approach that entails competence areas for IT security, compliance, and data governance and shows
a web-based tool for surveying and measuring areas in order to derive actual readiness of IT SMEs in these areas. The paper concludes with an outlook on the expected findings and planned further developments of the approach and tool.