Conceptual Aspects of IT Governance

in Enterprise Environment
Sureerat Saetang

Abrar Haider

University of South Australia

School of Computer and Information Science
Mawson Lakes, Adelaide, Australia

University of South Australia

School of Computer and Information Science
Mawson Lakes, Adelaide, Australia

saesy005@mymail.unisa.edu.au

abrar.haider@unisa.edu.au

information analysis and decision support [3]. As overall

corporate governance aims to enhance internal progress and
mitigate risks, IT provides it with the bonding glue to bring
together different organizational resources and allows for
planning and execution of straggles to achieve business goals.
However, managing IT infrastructure and its effectiveness has
been far from simple. With the increasing advancements in
technology, its governance is becoming even more complex.
Realizing an IT governance framework as the foundation to
support business in terms allocating, maintaining, and processing
information and information related resources is a major concern
[4]. The dynamic organizational tension between various
stakeholders, areas, and aspects of business makes it difficult for
any organization to fully grasp the scope of business and to map it
with technology [5]. This why governance frameworks like
COBIT and COSO are geared at different aspects/areas of the
business, have narrow focus, and do not provide an allencompassing level of strategic guidance to run and sustain IT
infrastructure. On the other hand, although more accomplished
frameworks like ITIL, provide a much more accomplished set of
guidelines, yet they do not yield consistent level of service across
all areas of business. Where is the problem? Of course it lies in
the way these frameworks are applied across the organization.
Organizations need to take stock of their resources, competencies,
and capabilities before attempting to implement an IT governance
framework. Implementation of an IT governance framework is
not a one off activity, it is actually an ongoing process that maps
IT to the business such that the IT infrastructure evolves and
matures with the organizational capabilities. This is research in
progress paper that sets the agenda for implementation of IT
governance frameworks. It starts with a discussion of corporate
governance, followed by the role of IT in contemporary business
arena, and ends with a discussion that this research will take to
address the research issue at hand.

ABSTRACT
In todays business environment there are various regulations,
concepts and strategies of business development that focus on
how technology can support business effectively. From among
these concerns, IT governance has drawn attention from corporate
broads to senior management. As a result, a number of IT
governance frameworks have emerged with each having its own
strengths and weaknesses. These frameworks, on one hand
provide multidimensional benefits to organizations to develop
higher interests like competitiveness, efficiency of It
infrastructure, and IT related; and on the other hand these
frameworks also align IT infrastructure with strategic business
agenda. Since these frameworks owe their existence to different
areas of IT application, their success is also quite varied. This
research is motivated by the same question, i.e. to examine what
makes an IT governance frameworks work. It follows a
qualitative interpretive research methodology with a case study
approach. This research significantly contributes towards building
theoretical base for the key issues and success factors of
successful IT governance implementation processes. It also
provides guidelines to executive managers about IT governance
framework adoption, customization, and implementation.

Categories and Subject Descriptors

H.0 Information Systems

Keywords Corporate governance, IT governance Framework,

IT infrastructure, Business / IT Alignment

General Terms
Management

1. INTRODUCTION
IT Governance is the concern that is gradually becoming the
Achilles heel of businesses in contemporary business arena [1]
[2]. It is an area of corporate governance that not only enables the
business through realization of automated business processes, but
also enables the strategy through effective allocation of resources,

2. LITERTURE REVIEW
2.1 Corporate Governance
Corporate governance is concerned managing performance of
business through dynamic interaction of CEO, board room, and
senior managers [6] [7] [8] [9] [10]. This performance evaluation
is productivity based and includes financial as well as nonfinancial measurement criteria. [11] [12] [10]. This why CEOs
and senior management rely on the concept of corporate
governance to keep their businesses like a well-oiled machine to
respond to internal as well as external pressures. The concept of
corporate governance is multifaceted and defines guidelines on
roles and responsibilities as well as interaction of people with
various systems in the organizations [13]. Corporate governance

Permission to make digital or hard copies of all or part of this work for
personal or classroom use is granted without fee provided that copies are
not made or distributed for profit or commercial advantage and that
copies bear this notice and the full citation on the first page. To copy
otherwise, or republish, to post on servers or to redistribute to lists,
requires prior specific permission and/or a fee.
SIGMIS-CPR11, May 1921, 2011, San Antonio, Texas, USA.
Copyright 2011 ACM 978-1-4503-0666-9/11/05...$10.00.

79

is created from the methodical process of evaluation and is shaped

to the systems of decision making eventually [14] [15]. Corporate
governance has varied definitions which depend on different
views of various authors. Corporate governance is the direction of
corporate partnerships to pledge as commitment of getting
benefits [16], the structure of regulations, compliance and aspects
which run the functions of organizations [17], the complex system
which combine two sets together by joining internal and external
organizations simultaneously [18]. Corporate governance methods
are dependent and governed by power to increase organizational
performance that affect to profits and expenditures of headships
and shareholders [19]. Corporate governance is a helpful system
to enhance the behaviors of management to develop quality of
organizations and maximize business value [20] [21] [22] [10].
Thus, it is important to establish corporate governance in the
organizations which is the arrangement of control, authorities and
limitation of executives, headships and shareholders to run the
organizations by starting from different objectives of varied
stakeholders to develop high value and future expectation of
organizations, covering the scope of the boards authority,
managements responsibility for governance and the relationship
between shareholders trading activities, voting decisions and
governance along with sharing power for decision making to
various authorized persons as range of constraints on board
independence [21, 23-25], chairman and CEO [26] [21] to
improve the business performance and gain higher profits as value
of organizations [27] [28]. Corporate board attributes are vital
factors which lead to influence corporate governance as shown in
table 1. Moreover, corporate governance supports organization by
improving itself to gain higher interests and competitive
advantage to beat others and raise better image of organization to
Determinants of Corporate

2.2 IT Governance
IT governance is about the responsibilities of board of directors
and executive management which assesses and conducts
corporate strategy, examines management performance objectives
and ensures the reliability of corporate mechanisms which have
reformed and developed significantly [31]. IT governance defines
as the collection and employment of corporation procedures for
decision makings due to adopt and implement IT resources and
capabilities [32] [33]. IT governance discusses about the
organizational characteristics of decision making in terms of the
role of duty (authorized person, reason of decisions and method of
decisions are determined) [34] [35]. Basically, IT governance was
concerned in computer regulations and processes and has been
adapted to business segment at the current age which includes
shareholder value, policy compliance and risk mitigation along
with aligning with the stakeholders and high executive
management. Therefore, the board of directors take high
responsibility and load of all decision makings for the entire of IT
business governance [36]. IT governance agreements cover
systems that allow business and IT executives to create plans and
processes, deploy IT infrastructures and examine results [37] [38].
Successful IT governance produces high profits and builds
reputation as good image to investors and customers including
gaining high trust, leadership and decreasing costs [38], using
common language with participated commitment to IT
compliances
and
procedures
[39],
raising
effective
communication between all groups of productive associations
[40]. IT governance employs considerable input about business
and IT strategies from stakeholders to create an understanding of
the organizations and form connections between business and IT
[41] [38]. Consideration and suggestions from stakeholders
regarding strategies are vital to the organization as they address
core business fundamentals for operational business activities
such as, IT assets. Board of directors responsibility, top
managements and leaderships, all main aspects of business
governance, along with policies and organizational structure are
the core components of governance to build and demonstrate the
organizations strategy and business objectives [42] [43].

Author(s) and Year (s)

Governance
Board Independence

[23] [25] [24] [21]

Rights of Board Members

[30] [21]

Chairman and CEO

[26] [21]

Incentive Compensation

[19]

Funds VS Debt

[19]

be outstanding firm in the industry rather than competitors which

are still in imperfect competitive situation with poor corporate
governance [29] [15].
Table 1. Determinants of Corporate Governance
Board members have rights to approve and consent all essential
decision makings in all main areas such as, investment plan,
payment procedures and board governance [30] [21]. Therefore,
they can invest in IT infrastructure and resources to develop
organization for supporting business environment. They also have
rights to monitor and check the errors which are vital to corporate
decisions that could affect to business and lead to gain good
alternative of entire good governance [21].

Figure 1. IT Governance structure.

Figure 1 presents IT governance comprises with management and
organizational compositions and procedures which IT maintains
and broadens the business strategies and goals by communicating
all parties with participated commitment successfully. The

80

existing conditions and latest concerns as well as developing

current working processes to gain higher solutions. The goal is to
indicate the implementation of IT governance initiatives in
organization which align with the business objectives and
requirements of organizations as well as robustly emphasized the
alignment of IT with business arrangement and execution by
studying the interconnection of IT governance and embedding
mechanisms for risk management, decision support, responsibility
and recourse participation between different functions of the
business along with investigating framework for IT governance as
a core component of corporate governance. This research has the
main question which creates for trying to resolve problem which
is how does implementation of an IT governance framework
contribute to value profile of IT infrastructure in achieving
business objectives and meeting its needs?

responsibilities of board must be cleared and effective on

management which related to IT management including business
risks and value delivery to align IT and operate within and across
organizations in all processes. According to this figure, it presents
the model of the relations of IT governance by forming businessIT objectives as the first process to provide direction through IT
activities, measuring performance, comparing objectives, and
getting outcome in the re-direction processes which require
changing in proper time to adjust and signify the objectives
acceptably. Due to establishing direction, IT module must
concern benefits by developing automation, cutting costs and
controlling risks.

Developing

Function

Description

Approach

4. CONCLUSION

Security

Business Operations

Business Risks

Policies and Controls

Responsibilities of

Roles of

Executive

Executives

Procedures &

Authority of

Accountabilities

Leaderships

Organisational

Business

Methods of

Structure

Administration

Customisation

Investigate, Monitor,

Board of Directors

Knowledge of

Agreement

Audit, Measure

This proposal sums up the outline of IT governance which joins a

business and IT successfully to sustain organizational works. It is
essential to focus on business objectives which direct
organizations to carry out powerfully in the industry by adopting
technology along to the business and gaining high competitive
advantage. This research also identifies guideline to support
senior executives and leaderships in terms of management in IT
governance by having knowledge of IT as essential area to
develop the business and IT using. Furthermore, senior
management and managers can use their knowledge and
understanding of IT to make decision on numerous projects in the
organization to protect severe results which lead organization fail
and unsuccessful as well as they can guide medium management
to work on the right platform. However, they must monitor all
projects closely before making full implementation to avoid
disaster and waste more assets, longer time and surplus
expenditures. This research concludes a summary of research to
carry out in aspects that allocate to the effectiveness of IT
governance frameworks. It demonstrates to assist board of
directors, senior managements, leaderships, stakeholders and
shareholders to understand and acknowledge the significance of
IT governance and also guide the directions and processes by
informing them to consider the impacts which can affect to
organizations. IT decision in organizations is highly important to
top management for their decision makings. Essentially, senior
management always make improvement during the middle phase
by checking and monitoring the erroneous of internal
organizational processes as well as assessing and measuring the
usability and credibility metrics through users to gain higher
competitive position in the market.

Leaderships

Table 2. Reads Business - IT governance perspective

Table 2 shows how IT supports business by directing different
processes to drive and operate on various business functions in
organizations. In order to maximizing business development, the
relationships of different work operations and business roles must
link together closely, as they must respond to their
accountabilities firmly and powerfully. These responses may
affect all departments in the organizations and also impact
customers, investors, partnerships, shareholders and stakeholders
as well as societies. Therefore, the executive management must be
aware and alert to these concerns, such as different levels of risks,
new and existing factors, knowledge based, agreement,
organizational structure, compliance and regulations along with
ongoing improve IT infrastructure enabling business processes by
aligning business and IT with different approaches, assessing the
results and business performance. Eventually, they will gain
effective results which gain better knowledge, skill and stronger
relationship of people within organization and external parties
such as the community and environment.

5. REFERENCES
1.
2.

3. RESEARCH METHODOLOGY
This research will utilize an interpretive qualitative approach with
data collection from participated organizations through qualitative
method by interviewing and personal observation with qualitative
surveys to study and examine IT governance which comprises
with business and information strategies along with the
responsibility of various management people to achieve better
business performance and outstanding results by discovering from

3.

81

Brown, C.V. and Sambamurthy, V. 1999. Repositioning the

IT Organization to Enable Business Transformation.
Cincinnati, OH. Pinnaflex Educational Resources.
Weill, P. and Broadbent, M. 2000. Managing IT
infrastructure: a strategic choice. In: Zmud, R., (Ed.),
Framing the Domains of IT Management: Projecting the
Future Through the Past. Cincinnati, OH. Pinnaflex
Educational Resources.
Luo, Y., 2005. Corporate governance and accountability in
multinational enterprises: Concepts and agenda. Journal of
International Management. 11 (1), 1-18.

4.
5.

6.
7.
8.
9.
10.

11.
12.
13.
14.
15.
16.
17.
18.
19.

20.
21.
22.

23.

24. Hermalin, B. and Weisbach, M. 2003. Boards of directors as

an endogenously determined institution: a survey of the
economic literature. Economic Policy Review, 9, 7 - 26.
25. Bhagat, S. and Black, B. 2002. The non-correlation between
board independence and long term firm performance.
Journal of Corporation Law. 27, 231-274.
26. Brickley, J.A., Coles, J.L. and Jarrell, G. 1997. Leadership
structure: separating the CEO and chairman of the board.
Journal of Corporate Finance. 3, 189-220.
27. Zingales, L. 1997. Corporate Governance. National Bureau
of Economic Research Working Paper.
28. Nelson, J. 2005. Corporate governance practices, CEO
characteristics and firm performance. Journal of Corporate
Finance. 11 (1-2), 197-228.
29. Bris, A. and Brisley, N. 2007. A Theory of Optimal
Expropriation, Mergers, and Industry Competition.
30. Bhagat, S., Carey, D. and Elson, C. 1999. Director
ownership, corporate performance, and management
turnover. The Business Lawyer, 54.
31. Hardy, G. 2006. Using IT governance and COBIT to deliver
value with IT and respond to legal, regulatory and
compliance challenges. Information Security Technical
Report. 11 (1), 55-61.
32. Henderson, J.C. and Venkatraman, N. 1993. Strategic
alignment: leveraging information technology for
transforming organizations. IBM Systems Journal. 32 (1).
33. William, B., Mezbahur, R. and Travis, H. 2006. Home page
usability and credibility: A comparison of the fastest growing
companies to the Fortune 30 and the implications to IT
governance. Information Management & Computer Security.
14(3), 252-269.
34. Nielsen, J. and Tahir. 2001. Homepage Usability: 50
Websites Deconstructed. Indianapolis. IN.: New Riders
Press.
35. Luftman, J., Bullen, C., Liao, D., Nash, E. and Neumann, C.
2004. Managing the Information Technology Resource.
Upper Saddle River, NJ.: Pearson Prentice Hall.
36. Read, T. 2004. Discussion of director responsibility for IT
governance. International Journal of Accounting
Information Systems. 5(2), 105 - 107.
37. Weill, P. and Broadbent, M. 1998. Leveraging the new
infrastructure: how market leaders capitalize on information
technology. Boston, MA. Harvard Business School Press.
38. Bowen, P.L., Cheung, M. and Rohde, F.H. 2007. Enhancing
IT governance practices: A model and case study of an
organization's efforts. International Journal of Accounting
Information Systems. 8 (3), 191-221.
39. ITGI. 2002. IT governance executive summary.
http://www.itgi.org/2002.
40. Johnson, A.M. and Lederer, A.L. 2005. The effect of
communication frequency and channel richness on the
convergence between chief executive and chief information
officers. J Manage Inf Syst. 22(2), 227-252.
41. Zee van der, H. 2002. Measuring the value of information
technology. Hershey: Idea Publishing.
42. ITGI. 2005. IT Governance Domain Practices and
Competencies: Optimising Value Creation-From IT
investments.
http://www.isaca.org/ContentManagement/ContentDisplay.c
fm?ContentID=33923.
43. Brown, W. 2006. IT governance, architectural competency,
and the Vasa. Information Management & Computer
Security. 14(2), 140 - 154.

Posthumus, S. and von Solms, R. 2004. A framework for the

governance of information security. Computers & Security.
23 (8), 638-646.
Schwarz, A. and Hirschheim, R. 2003. An extended platform
logic perspective of IT governance: managing perceptions
and activities of IT. The Journal of Strategic Information
Systems. 12 (2), 129-166.
Denis, D.J., Denis, D.K. and Sarin, A. 1997. Agency
problems, equity ownership, and corporate diversification..
Journal of Finance. 52, 135-160.
Ahn, S. and Walker, M. 2007. Corporate governance and the
spinoff decision. Journal of Corporate Finance. 13, 76-93.
Bauguess, S., Moeller, S., Schlingemann, F. and Zutter, C.
2009. Ownership structure and target returns. Journal of
Corporate Finance, 15, 48-65.
Netter, J., Poulsen, A. and Stegmoller, M. 2009. The rise of
corporate governance in corporate control research. Journal
of Corporate Finance. 15, 1-9.
Lo, A.W.Y., Wong, R.M.K. and Firth, M. 2010. Can
corporate governance deter management from manipulating
earnings? Evidence from related-party sales transactions in
China. Journal of Corporate Finance. 16 (2), 225-235.
Chung, R., Firth, M. and Kim, J.B. 2002. Institutional
monitoring and opportunistic earnings management. Journal
of Corporate Finance, 8, 29-48.
Park, Y. and Shin, H. 2004. Board composition and earnings
management in Canada. Journal of Corporate Finance. 10,
431-457.
Zingales, L. 1998. Corporate governance. In: Newman, P.
(Ed.). The New Palgrave Dictionary of Economics and the
Law.
Alexander, L. 2000. Corporate governance and cross-border
mergers, in Conference Board Research Report.
Bris, A., Brisley, N. and Cabolis, C. 2008. Adopting better
corporate governance: Evidence from cross-border mergers.
Journal of Corporate Finance. 14 (3), 224-240.
Shleifer, A. and Vishny, R. 1997. A survey of corporate
governance. Journal of Finance. 52, 737-775.
Gillan, S.L. and L.T. Starks, 1998. A survey of shareholder
activism: motivation and empirical evidence. Contemporary
Finance Digest. 2 (3),. 10-34.
Gillan, S.L. 2006. Recent Developments in Corporate
Governance: An Overview. Journal of Corporate Finance. 12
(3), 381-402.
Cornett, M.M., McNutt, J.J. and Tehranian, H. 2009.
Corporate governance and earnings management at large
U.S. bank holding companies. Journal of Corporate Finance.
15 (4), 412-430.
Denis, D. and McConnell, J.J. 2003. International corporate
governance. Journal of Financial and Quantitative Analysis.
38, 1-36.
Bhagat, S. and Bolton, B. 2008. Corporate governance and
firm performance. Journal of Corporate Finance. 14 (3),
257-273.
Chen, K.C.W., Chen, Z. and Wei, K.C.J. 2009. Legal
protection of investors, corporate governance, and the cost
of equity capital. Journal of Corporate Finance. 15 (3), 273289.
Hermalin, B. and Weisbach, M. 1988. The determinants of
board composition. Rand Journal of Economics. 19 (4), 589606.

82