Improving IT Governance
Abstract
The current paper presents profound research on the possible ways of improving IT governance in an organization setting. It introduces the concepts behind the application of IT governance practices and its contributions to the achievement of a company’s shared objectives. It reviews the existing research on the different approaches that can be used to improve IT governance. This material touches on the five IT governance domains, namely, strategic alignment; value delivery; risk management; resource management; and performance management. Moreover, it examines the relevance and applicability of Control Objective for Information Technology (COBIT) improvement model. The research captures the COBIT’s four domains, namely, plan and organize; acquire and apply; deliver and support; as well as monitor and evaluate. It then proceeds to the potential IT governance rationale mechanisms that can be used to improve technological effectiveness. Tactical and strategic communications are the primary mechanism discussed in this section to discern their applicability. It also covers the IT governance maturity and Balanced Scorecard concepts and their relevance in IT governance. The paper makes the appropriate recommendations on the best ways to improve IT governance based on the analysis executed. Lastly, it concludes the paper by summarizing the main findings and future expectations.
Keywords: IT governance, Control Objective for Information technology (COBIT), Balanced Scorecard.
Improving IT Governance
Introduction
Rapid environmental, technological, political, economic, and social changes have caused several changes in the contemporary world. These amendments have escalated competition in businesses across all industries. Consequently, organizations strive to implement and effectuate strategies that will create competitive advantages. Technology is among the most useful tools for corporations to maintain their competitiveness and relevance in the market landscape. IT governance is a pertinent instrument that determines organizational performances. Often, corporate IT management and governance operations associated with a company's IT history. Many, if not all, enterprises have invested substantially in this phenomenon seeking considerable returns. However, some investments are fruitful, while others cause losses to the firms due to differences in IT governance. It is a trending phenomenon that controls corporate IT capacity to ensure that the investments translate to the intended business value. Thus, IT governance determines whether an organization succeeds or fails.
The application of IT governance practices in daily business operations drives the organization strategically towards achieving its common objectives. This phenomenon maintains and expands a firm’s market share by increasing its competitiveness and reputations through the quality of services it offers. However, the positive outcomes depend significantly on the effectiveness of the implemented governance. In this regard, organizations need to focus mostly on the feasible ways which they can use to improve their power. Managers and researchers have prioritized this global concern to enable corporations to implement relevant mechanisms to steer, coordinate, and rationalize IT-related decisions. The implementation and actualization of effective IT governance mechanisms enable corporations to formulate, formalize, and understand this aspect in a realistic business environment. However, its performance depends on certain internal and external factors in an organizational setting. Therefore, companies ought to comprehend the influence of each aspect on IT governance and overall business performance, productivity, and progress.
IT governance performance has several domains that organizations need to consider. Usually, performance arrangements are executed in those domains to ensure that concerned firms earn maximum returns from their IT investment. These domains are IT risks management, IT value delivery, IT strategic management, IT performance evaluation, and IT source management. The governance of information technology entails several accounting information systems. The main objective should be to create a favorable environment for better usage of technology to enhance effective governance. The process needs to depict the quality of services delivered by IT units to an enterprise, its cost-effectiveness, asset utilization, as well as business growth and flexibility. Many researchers recognize the impact associated with measuring the value of information technology. Improving the efficiency of IT governance is a predominately considered requirement that enables senior managers and board of directors to manage IT risks and achieve company's objectives effectively. If all companies could use COBIT and a Balanced Scorecard Approach, they could have solved all technical issues because it improves IT governance.
IT Governance Concept and Improvement Mechanisms
Influence of IT Governance on Innovation
IT governance contributes significantly to a firm’s innovation capacity. According to Héroux and Fortin (2016), resource allocation to innovation emanates from changes in IT’s rational mechanisms, procedures, and governance structures. IT has many tools that are used to invigorate innovation. These instruments are affected by the application of certain corporate governances, which has a direct effect on workers-driven creativity. The main reason is that it helps employees to acquire, disseminate, and exploit available insights from the executive segment (Héroux & Fortin, 2016). IT governance enhances communication between business units to enhance the collective move towards achieving common goals. This phenomenon creates a favorable platform where knowledge-sharing portals and electronic newsletters can be used to distribute relevant information. Héroux and Fortin (2016) assert that IT governance rational mechanisms stimulate innovation procedures by encouraging innovative thinking, inclusivity, and a collectivist corporate culture in an organizational setting. Thus, the effectiveness of IT governance has direct implications for business innovation.
IT competency is an essential aspect of the contemporary business world. Héroux and Fortin (2016) argue that it has a direct impact on competitive actions since innovation is associate with competent employees. Soft IT capital is closely connected to IT skills, knowledge, and creativity (Héroux & Fortin, 2016). That said, companies should prioritize training and educational programs to orient the personnel of the importance, usage, and impact of IT governance to innovation and overall business performance. Héroux and Fortin (2016) inform that executive and top management have to possess substantial IT abilities to articulate and communicate IT strategies, visions, and objectives. Accordingly, IT competency is a feasible way of creating competitive advantages in a market landscape.
IT Governance Maturity
IT governance maturity is a strategic management domain that focuses on “corporate capabilities” from a resource-based perspective. Gashgari, Walters, and Wills (2017) define this concept as the aptitudes of a company to execute coordinated operations using the available resources to achieve intended outcomes. This model is often used to determine the status of a firm to decide on the best ways to improve the performance. Gashgari et al. (2017) argue that ITG maturity contributes significantly to business performance, productivity, and progress. However, the authors recognize that several types of research did not identify the relationship between ITG and business performance (Gashgari et al., 2017). Conversely, other theorists argue that a considerable time delay exists between the perceived advantages and ITG maturity levels (Gashgari et al.2017). Nevertheless, it is a sophisticated concept that requires IT governance to cover all the relevant aspects. Gashgari et al. (2017) assert that most enterprises ignore situational and soft governance factors and focus more on government aspects. These three elements need to be considered in IT governance to enhance the scope and efficiency of Informational Technology. Therefore, IT governance maturity is an equally imperative aspect in this context.
IT Governance Domains
Strategic Alignment
IT governance needs to consider enterprise goals, current and intent strategies. According to Bhattacharjya and Chang (2006), this alignment ensures that IT investment can deliver the targeted business value. Moreover, it enhances the exploitation of the available assets and resources to assist the whole complex towards achieving the common objectives. Bhattacharjya and Chang (2006) use the Strategic Alignment Model and strategic alignment maturity assessment tool to align organizational, internal, and external procedures with the IT strategy. That said, competent IT governance needs to ensure that IT-related decisions and practices connect with the processes of the entire organization. It is worth noting that some corporate operations enhance this alignment while others inhibit, thereby affecting the performances of IT departments (Novotny, Bernroider & Koch, 2012). These factors include governance styles, inclusivity, corporate culture, managerial approaches, communication, and decision-making (Wiedenhoft, Luciano, & Magnagnagno, 2017). They interfere with IT arrangements since business performance is a collective responsibility in a firm. Therefore, strategic alignment is a central factor to consider while improving IT governance.
Value Delivery
Investment in IT has to have substantial returns by adding value to an organization. According to Lunardi, Maçada, Becker, and Van Grembergen (2016), value addition depends on the contribution of this phenomenon to the accomplishment of the shared objectives. However, this does not mean, in any way, that the value-added should be discerned on financial perspectives; instead, it should be based on the managerial and operational processes. Lunardi et al. (2016) inform that determining and quantifying the value added by IT investments is difficult because the benefits are absorbed with the daily operations. Nonetheless, IT governance ensures that appropriate and relevant decisions are made on the implementation of Information technology in a corporate setting. Effective governance enhances the application of rationale mechanism, accompanying processes, and flexible structures to escalate business value and IT productivity (Wiedenhoft et al., 2017). IT is usually evaluated strategically to provide more opportunities, expose the company to fewer risks, have positive operational impacts, and enhance the achievement of business objectives. Thus, IT requires other mechanisms to enables it to optimize investment returns.
IT Risk Management
The increasing independence of companies on IT has escalated the extent to which external factors hamper the accomplishment of corporate goals. The main reason is that the managerial segment focuses mostly on the effects of the internal factors, thereby abdicating external events. These failures can cause severe damages to an organization mainly by destroying its image, and cause legal liability and business losses. The risk management domain of IT governance addresses the safety of IT resources, operational continuity, and disaster recovery. According to Lunardi et al. (2016), this domain maintains the added value to the business by managing potential risks. That said, top seniors ought to comprehend the route-causes of these risks and ensure that they are controlled. An effective IT governance navigates and manages issues competently to mitigate their subsequent impacts that could jeopardize the strategic organizational goals (Wiedenhoft et al., 2017). Accordingly, risk management is an essential domain in IT governance improvement.
Resource Management
IT resource management is an essential segment in IT governance because it ensures that investment works towards corporate needs and aims. According to Lunardi et al. (2016), these resources entail all necessary human skills, software, hardware, and managerial procedures that seek to translate the investment into IT productivity. This domain attempts to optimize IT infrastructure and insight, especially its functioning and investment, as well as appropriate allocations. Lunardi et al. (2016) inform that IT governance facilitates and determines the most relevant IT abilities. Resource management enables a business to formulate, implement, and adhere to budgets, processes, and strategic plans used to apply IT tactics. It helps the managerial wings and steering committee to communicate effectively and make unanimous decisions regarding the equal allocation of funds and other available resources (Wiedenhoft et al., 2017). IT resources management is an indispensable IT governance improvement domain.
IT Performance Management
Performance management facilitates values addition and operational effects of IT investments. These measurements are usually executed to discern whether or not it serves its intended purposes and contribute substantially to business aims and needs (Wiedenhoft et al., 2017). It also assesses whether IT adheres to the schedule, budget, infrastructure, and the extent it meets the needs of the users. It is used as a transparent instrument for the assessment of IT aptitudes, potential risks, and achievements. This process divulges the performance and direction of organizational IT investment and the effectiveness of its governance (Wiedenhoft et al., 2017). Companies can utilize several mechanisms to track the progress of their resources, projects, services, and even strategies. Consequently, the subsequent results assist the top management in making counteractive decisions and amendments that could make IT more productive to a firm.
Strategic Ways Through Which IT Governance Can Be Improved
Control Objective for Information technology (COBIT)
Many theorists have provided frameworks that capture the need for improving IT governance. According to Rezaei (2013), Control Objective for Information Technology (COBIT) is a framework that captures the best practices that can enable organizations to improve their IT governance. It is an indispensable tool that recognizes the value of IT assets in a company. It states that an IT department needs to implement, control, measure, and improve governance effectiveness. Rezaei (2013) informs that COBIT is a multiuse instrument employed globally due to its auditing capacity. It seeks to standardize the process used in a high-level IT governance environment. Usually, this theory has four equally imperative implementation domains: plan and organize, acquire and implement, deliver and support, as well as monitor and evaluate domains. These segments suggest that organizations should plan, build, run, and monitor the traditional roles of the IT department to improve governance. Therefore, COBIT is a well-built IT governance theory.
The plan and organize is the initial domain and the first step towards improving IT governance. According to Rezaei (2013), companies need to have strategic plans and tactics that develop the best ways IT investment participates in the achievement of business goals. The Acquire and Apply segment follows this step and captures the need to identify and provide resolutions to corporate functional requirements. Rezaei (2013) asserts that it seeks to respond to noticeable changes in the technological world. The subsequent Deliver and Support segment focuses on the delivery of supportive services to the IT department. Ideally, these services facilitate security and configuration as well as third-party, operational, and performance management departments on work fluentness and effectiveness. According to Rezaei (2013), the Monitor and Evaluate domain entails regulating governance and compliance, evaluation of internal control, and performance management. These segments provide different control processes that an organization should consider to achieve its IT-related goals. Each procedure has unique roles, activities, and objectives that contribute to the overall IT performance (Zhang & Le, 2013). Thus, companies ought to improve their governance based on COBIT’s domains.
Different IT governance model has several benefits to organization IT investments. However, few companies have utilized these theories to navigate the technological process. A study conducted by Rezaei (2013) suggested that more than 80% of firms do not use COBIT theory in their IT operations. The author emphasizes the few enterprises that have implemented this framework records recommendable IT improvement and corporate performance (Rezaei, 2013). However, several respondents asserted that the COBIT framework is complex, an attribute that limits its application. Moreover, much legislation regulates the implementation of IT controls procedures. Improvement of IT governance depends on the corporate desire to support and manage its investments in technology. Rezaei (2013) revealed that COBIT theory has several challenges to medium-sized organizations since it is sophisticated and costly, and it requires a skilled workforce. Nevertheless, COBIT’s Systems Security is among the most imperative aspects of organizational settings. Hence, leaders and executives should employ substantial efforts to ensure that they exploit the benefits associated with this model.
COBIT appears to be an appropriate framework to improve IT governance towards the achievement of business objectives. However, it has several aspects that need to be understood and considered amid its implementation. The main objective of this framework is to enhance the effectiveness of IT, wane time consumed during execution of IT mandates, and invigorate the accomplishment of corporate goals and visions. The complexity associated with this theory suggests that skilled and experienced workers should prevent communication failure between users and services. It is also essential to evaluate the performance of IT governance for the implementation of relevant amendments following environmental and technological changes. Therefore, existing research presents COBIT as a resourceful model that can improve IT governance.
IT Governance Rationale Mechanisms
Companies should understand IT governance rationale mechanisms to improve their technological effectiveness. According to Bianchi, Sousa, Pereira, and Hillegersberg (2017), these approaches entail learning and sharing strategic decision between IT and other business units to ensure proper communication. Usually, firms are managed using the center of responsibility method that subdivides complex tasks into different departments. Although they work independently, they have collective obligations towards the accomplishment of corporate objectives. Bianchi et al. (2017) argue that there should not be any gaps between decision-makers, who are executives and managers, and employees, who are the implementers of the already made decisions. The quality and frequency of communication between different IT stakeholders is a crucial factor. Bianchi et al. (2017) note that communication tends to occur at a tactical stage. For example, different departmental managers, such as in accounting, marketing, and sales, communicate with the IT department during the implementation of tactical decisions relating to their units. Hence, communication mechanisms used in an organization can improve IT governance.
Dialogue at the strategic level is the most preferred and recommended approach. According to Bianchi et al. (2017), Information Technology committees and other relevant departments in a company need to meet at regular intervals. IT-related decisions need to align with an entire business, including seniors and their subordinates (Bianchi et al., 2017). Technology entails several processes in the organization setting, which makes it complicated. Its governance must capture all operations at the departmental level. The board of governance oversees all IT-related practices effectively. It should have the collective responsibility on IT management, planning, practices, performance, and evaluation for appropriate decision-making (Bianchi et al., 2017). Effective develops performance and controls metrics over technology investments, compliance with regulations, authorities, legal frameworks, and corporate policies. Lastly, these mechanisms have clarified and formalized oversights, decisions, and accountability (Bianchi et al., 2017). Thus, IT Governance Rationale Mechanisms can improve technological effectiveness in an organization.
Improving Its Governance Using The Balanced Scorecard Approach
Balanced Scorecard is a widely applied strategy that measurers performance and management systems. According to Van Grembergen and De Haes (2005), the basic principle of this method is that the evaluation of organizational progress should not be necessarily restricted to the financial growth, learning, and internal processes. Other additional dimensions have to be considered to guarantee better financial results and the achievement of corporate objectives in the future. The Balanced Scorecard focuses on three elements: objectives, mission, and future initiatives. Van Grembergen and De Haes (2005) argue that these measurements should be based on cause-and-effect connections. Performance drivers and outcome measures are the main types of evaluations implemented. A useful tool has these two metrics to communicate the ways they can be simultaneously achieved within the organizational setting. Therefore, BSA is a feasible evaluation approach that can be used to improve IT governance.
The Balanced Scoreboard concept is relevant, applicable, and appropriate to IT processes and functions. It evaluates IT performances based on an executive management perspective to discern its contribution to an entire organization. Van Grembergen and De Haes (2005) inform that the internal users dimension is used to measure customer orientation. Moreover, the efficiency of IT processes is determined by the IT management spectrum to discern its operational excellence. Its future perspective divulges the corporate readiness for IT future challenges and uncertainties to improve organizational transparency and governance. The contribution of IT investment to a company’s financial performance is measured from the financial perspective (Borousan, Hojabri, Manafi, & Hooman, 2011). The stakeholder dimension reveals a firm’s status in terms of legal and ethical compliance, while the growth and learning segment measurers the operations that require further training, learning, and development in the future. Overall, the BSA tool exhibits innovative merits that warrant its application in improving IT governance.
Recommendations
COBIT and Balanced Scorecard Approaches
The COBIT model appears to be the most appropriate way of improving IT governance in an organizational setting. Batyashe and Iyamu (2016) assert that it is an accepted tool and procedure because of its applicability from a practical perspective. However, it is a sophisticated approach that cannot fit in every situation and need to be customized. The executive and top management should strive to understand the dynamics of the framework and exploit it to achieve their IT organization’s objectives (Rezaei, 2013). The efficiency of this model depends significantly on the industry and the nature of corporate operations. It has several processes, mandates, and activities that can help make IT productivity, although the connection between the two is not clear, which makes it imperative for a company to consider employing experienced and skilled workers. Companies ought to implement substantial resources to reduce time consumption and ensure that the investment reciprocates tangible benefits to a firm (Rezaei, 2013). Therefore, COBIT is the most appropriate method for improving IT governance.
The methodology can assist a company to improve the five IT governance domains. This model would ensure that IT governance makes appropriate IT-related decisions and practices that connect with the processes of the entire organization (Rezaei, 2013). Organizations must understand the corporate operations that enhance this alignment and those that inhibit the performance of IT departments. Moreover, COBIT can improve IT governance by invigorating value delivery through the application of rationale mechanisms, accompanying processes, and flexible structures (Rezaei, 2013). This framework can improve the risk management domain of IT governance to address the safety of IT resources, operational continuity, and disaster recovery. COBIT guides resource allocation to optimize IT infrastructure and insight, such as its functioning and investment. It would ensure that the entire process adheres to the schedule, budget, infrastructure, and the extent it meets the needs of the users. Lastly, COBIT provides necessary transparent instruments for assessment of IT aptitudes, potential risks, and achievements (Rezaei, 2013). Thus, this model can assist IT departments to achieve primary targets by improving the five IT governance domains.
As explained above, COBIT has four domains that contribute significantly to the improvement of IT governance. The Plan and Organize domain assist IT deparments to control entire IT processes (Rezaei, 2013). This segment ensures that the segment links the IT resources, business value, and organizational objectives. It helps a company to address the possible risk management approaches, identify required resources, understand expected value delivery, and performance measurement. The Acquire and Implement domain guides the IT department to acquire, apply, and effectuate the planned and organized necessary resources, mechanisms, and measures (Rezaei, 2013). This domain helps the board to ensure that the IT investment adds value to an organization by ensuring that the applied IT lifecycle is essential to a company organization. Moreover, the risk management domain guides IT governance to make prior measurer that will address potential future issues to protect the added value. Lastly, the COBIT model can be combined with the balanced scoreboard approach to evaluate IT governance and its contribution to a business (Borousan et al., 2011).
Conclusion
Companies can solve multifaceted technological issues if they employ the COBIT and Balanced Scorecard models because they improve IT governance. Technology is widely used by contemporary companies to maintain their competitiveness and relevance in the market landscape. IT governance is an appropriate tool that decides organizational performances. The analysis suggests that the implementation of an effective IT governance mechanism enables corporations to design, formalize, and comprehend this aspect in a realistic business environment. IT governance is a crucial phenomenon that controls corporate IT to ensure that investments translate to the intended business value. Ut has five IT governance domains, namely, strategic alignment; value delivery; risk management; resource management; and performance management. The research indicates that IT determines whether an organization succeeds or fails. Companies ought to fathom the influence of each factor on IT governance and overall business performance, productivity, and progress. Improving the efficiency of IT governance is a predominately considered requirement to enable senior managers and board of directors to ensure that IT risks are effectively managed and that a company's objectives are achieved. Thus, IT governance is a critical operation in a firm. Control Objective for Information technology (COBIT) captures the best practices that can enable organizations to improve their IT governance. It is an indispensable tool with four domains, namely, four domains, namely, plan and organize; Acquire and Apply; Deliver and Support; as well as Monitor and Evaluate domains. Research suggests that the implementation of this framework has several benefits on IT improvement and corporate performance. However, it appears to have many deficiencies, such as complexity, that slightly limit its application. IT governance rationale mechanisms contribute significantly to technological effectiveness. A Balanced Scorecard measures performance and management system based on three elements, namely, objectives, mission, and future initiatives. It is a relevant, applicable, and appropriate to IT processes and functions.
COBIT and Balanced Scorecard Approaches are the best ways of improving IT governance in an organizational setting. The former focuses on improving the five IT governance domains using its four segments, which contributes significantly to the improvement of IT governance. The Plan and Organize domain can assist an IT department to control entire IT processes. The Acquire and Implement segment guides the IT governance to acquire, apply, and effectuate the planned and organized necessary resources, mechanisms, and measures. The Monitor and Evaluate section adds value to organizations by ensuring that the applied IT lifecycle is indispensable and fruitful. Lastly, the Balanced Scoreboard approach can evaluate IT performance and its contribution to business. Therefore, organizations should consider the COBIT and Balanced Scorecard approaches to improve their IT governance.
References
Batyashe, T. N., & Iyamu, T. (2016). IT governance: An architectural framework based on consolidated best practices. Journal of Governance and Regulation.
Borousan, E., Hojabri, R., Manafi, M., & Hooman, A. (2011). Balanced Scorecard; a tool for measuring and modifying IT governance in healthcare organizations. International Journal of Innovation, Management and Technology, 2(2), 141.
Bianchi, I., Sousa, R., Pereira, R., & Hillegersberg, J. (2017). Baseline mechanisms for IT governance at universities. In Proceedings of the 25th European Conference on Information Systems (ECIS) (pp. 1551-1567).
Bhattacharjya, J., & Chang, V. (2006). Evolving IT governance practices for IT and business alignment: A case study in an Australian institution. Facing the Information Society. Retrieved from https://pdfs.semanticscholar.org/5424/0eeb74c893b21f19866a709f28d983b97e38.pdf
Gashgari, G., Walters, R. J., & Wills, G. (2017, April). A proposed best-practice framework for information security governance. In IoTBDS (pp. 295-301). Retrieved from https://www.scitepress.org/papers/2017/63031/63031.pdf
Héroux, S., & Fortin, A. (2016). The influence of IT governance IT competence and IT-Business alignment on innovation. Cahier De Recherche, 4, 1-36.
Lunardi, G. L., Maçada, A. C. G., Becker, J. L., & Van Grembergen, W. (2016). Antecedents of IT governance effectiveness: An empirical examination in Brazilian firms. Journal of Information Systems, 31(1), 41-57.
Novotny, A., Bernroider, E., & Koch, S. (2012). Dimensions and operationalisations of IT governance: A literature review and meta-case study. Retrieved from https://epub.wu.ac.at/3660/1/novotny2012.pdf
Rezaei, N. (2013). The Evaluation of Implementing IT Governance Controls. Journal of Applied Business and Finance Researches, 2(3), 82-89.
Selig, G. J. (2016). IT governance-an integrated framework and roadmap: How to plan, deploy and sustain for improved effectiveness. Journal of International Technology and Information Management, 25(1), 4.
Van Grembergen, W., & De Haes, S. (2005). Measuring and improving IT governance through the balanced scorecard. Information Systems Control Journal, 2(1), 35-42.
Wiedenhoft, G. C., Luciano, E. M., & Magnagnagno, O. A. (2017). Information technology governance in public organizations: Identifying mechanisms that meet its goals while respecting principles. JISTEM-Journal of Information Systems and Technology Management, 14(1), 69-87.
Zhang, S., & Le, F. H. (2013). An examination of the practicability of COBIT framework and the proposal of a COBIT-BSC model. Journal of Economics, 1, 5.
