Sage Journals: Discover world-class research

Abstract

This research is an inquiry of Control Objectives for Information and Related Technologies (COBIT) as a high-level governance and control framework which was proposed by ITGI by providing incite and statistical evidence investigating whether ITGI pillars can be accounted for the same IT governance dimension. The data were collected via a questionnaire distributed to 40 private organizations in the Middle East, comprising a sample size of 179 respondents of strategic- and tactical-level managers. To investigate the research questions, the researchers apply an exploratory and confirmatory factor analyses using EQS 6.3 and SPSS 21. The findings of the research indicate that there is an awareness of the nature of the relationship that IT governance has with its various factors as suggested by the COBIT framework: business/IT alignment, IT value delivery, IT resource management, IT risk management and IT performance. The findings also revealed that “IT risk management” is the leading indicator in explaining the IT governance application behavior. The validated model of ITGOV shows that “IT business alignment” has the least significant impact on the study sample. The overall results illustrate the needs and the imperatives of the model factors in achieving a better understanding of the characteristic value of the ITGOV applications using the COBIT framework as suggested by ITGI.

Keywords

IT governance COBIT IT business alignment IT value delivery business value delivery resource allocation IT risks management performance measurement explanatory factor analysis confirmatory factor analysis

Introduction

Governance can be defined as an economic, political, and administrative authority to manage a community’s affairs at all levels. It encompasses the mechanisms, processes, and institutions through which community members and groups articulate their interests, exercise their legal rights, meet their obligations, and mediate their differences.¹ Proper implementation of IT governance can improve accountability, transparency, participation, and predictability. According to Luftman,² organizations that don’t have a good IT governance model dissipate valuable resources, capital, time, and human in an era where both time and capital are scares, and talented people are rare. Governance is seen as the application of moral business conduct by executives in the process of making earnest decisions, as a means of delivering direction to the firm. Governance was defined as “a set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risks are managed appropriately and verifying that enterprise’s resource is used responsibly.”³ Good governance should allow effective monitoring and efficient use of organization resources.

IT governance

(Weill & Ross, 2004) defined IT governance as “IT governance represents the framework for decision rights and accountabilities to encourage desirable behavior in the use of IT” they introduce the difference between IT Management and IT governance where management is about what specific decisions are made by applying a systematic deciding process by giving the decision rights to the right people.⁴ To attain the proper corporate performance objectives, sound IT governance capitalizes on the business governance values to run and utilize IT. The definition remains coherent with a recent clarification by Boynton et al.,⁵ suggesting that “IT governance is in the place, delivery, and configuration of managerial duties and manage that eventually will impact how IT assets are used and realized.” IT governance in general terms also encompasses the process of forming measurement and control tools to empower individual’s roles and accomplish their IT tasks and responsibilities. The objective of IT governance is to guarantee the results of a firm’s business processes that realize its strategic requirements, and this is precisely what IT governance strives to achieve. As far as this research is concerned, IT governance constructs the transparency to secure business goals.⁶ It is argued that applying IT governance in organizations will lead to achieving lucidity between the business strategy and its IT initiatives. Also, it helps in creating and depicting the links between business goals and IT goals, providing transparency in the preparation of an IT business project, and thus improving the business capabilities, leading to the attainment of agreement on priorities, and helps in understanding the resources necessary to realize the initiatives.

IT governance framework

Information technology (IT) is the driving managers and business innovators, challenging to push for more flexible and efficient systems and business procedures to ensure their competitive necessity and compliance with the ever changing desires and principles.⁷ IT is considered as one of the most valuable assets in an organization as indicated by IT Governance Institute (ITGI).³ Based on this realization, the principles of IT governance are considered as the sentiments of enterprises, which result in more use of IT in the governance of business as a means to competitive advantage.⁸ By enabling it to operate effectively, invigorated management nowadays is appreciating the influence of IT in the success of the organization.^9,10

The technology assets strengthen the bet of IT as a way of achieving sustainable competitive advantage.¹¹ Consequently, IT governance should be reflected through organizational practices and related decisions to utilize its IT assets and capabilities.^8,12

IT governance objectives

The main objective of IT governance is to manage IT operations, ensuring performance is maximized and benefits are attained, thereby accomplishing the advantage of IT investment opportunities. IT governance is about ensuring that IT assets are utilized sensibly, and IT risks are avoided or mitigated correctly, and it is also about involving many organizational staffs as directors, managers, supervisors, and stakeholders.¹² The general goals of IT governance are designed to appreciate the strategic value of IT, ensuring that its processes help drive future strategies needed for its operations.

Information technology governance framework (COBIT)

Several IT governance frameworks are used worldwide, each has its strengths and weaknesses in the context of competitiveness, corporate governance demands, and regulatory requirements; the frameworks are COBIT, Information Technology Infrastructure Library (ITIL), Australian Standard for Corporate Governance of Information (AS8015), and CCBF which was introduced by Chang et al.¹³ as a new framework for performing cloud computing business and this is very relevant to IT/business strategic alignment. This trend is also supported by Chang et al.¹⁴ by establishing the cloud computing adoption framework whose security is suitable for business clouds, in addition to business intelligence as a service (BIaaS). As discussed by Chang,¹⁵ this is used to compute risk and pricing for financial analysis and stock markets. One of the most successful IT governance frameworks is COBIT which was introduced by ITGI, which categorizes the control goals and IT processes that are regularly administrated by IT organizations. For every process, COBIT is intended to deliver a comprehensive set of activities for each IT course of action to permit managers to advance business significance or diminish associated risk, configurations, actions, and strategies.¹⁶

COBIT can assist the organization to understand the importance of positioning its system, leading to the identification of the class of supervision and governance required and needed by the enterprise to deliver such class using maturity models standards of essential competence enhancements, performance areas, IT procedures measurement, that help in measuring how these processes meet business and IT goals based on balanced scorecard principles.¹⁰ COBIT as a framework permits executives to close the difference between control desires, technical matters, and business risks¹⁷ and IT governance support can be achieved by having a mutual control structure.¹¹

IT governance pillars by COBIT

COBIT enables a rich policy improvement and good exercises for IT control across the organization. It underlines the regulatory obedience, supports enterprises to escalate the value achieved from IT, permits placement, and streamlines the application of the COBIT models.¹⁸ COBIT is designed to be used by the organizations to accomplish IT audit; consequently, this act will support the comprehension of business objectives and help in spreading best practices. Here are a number of ideas that influence IT governance applications: IT value and alignment, accountability, performance measurement (PM), and risk management (RM). It is essential that each of these vital elements be examined as an integral to all IT governance processes.

IT/Business strategic alignment

It is stated that there are limited Management Information Systems (MIS) studies that explain the value and the nature of strategic alignment between business goals and IT and its relation to organizational performance.¹⁹

In addition, more research is ongoing in strategic alignment model, and its focus is on the linkage between the organization and its IT strategies; identifying, sustaining, and authenticating the IT schemes; and bring into line the IT processes with the organizational activities. IT strategies are shaped and then formed to fulfill the principal business goals. Each of the IT strategies must be related to specific organizational objectives, which include customer contact management, e-commerce services, or advancing functional promptness with enhanced application integration. The IT plan can describe the application and provisions for a new business goal. The fundamental strategic importance of IT should be affirmed in the activities of the business leaders, and any influence to override non-IT objectives should be addressed.² Moreover, Masa’deh et al.²⁰ indicated that IT/business alignment is very imperative for continuity; and thus, there is a need for an additional investigation to focus on the leading factors that expand the understanding of the alignment process with regard to business performance and its investment in IT projects.

The organizational strategy can be converted into operational tasks with the support of senior-level managers by designing IT ventures. Likewise, implementation of IT strategy must be consistent with the IT principles and guidelines so that it integrates and aligns with organizational operations and goals.²¹

Business value delivery

Doherty et al.²² indicated that business value is achieved by accomplishing value proposition through the business cycle. The central principles of IT value can be seen as in-time and budget delivery, leading to the achievement of the promised benefits. The scope of investment and the vagueness of the outcome are the fear that top management has to deal with whenever they start major IT investments. Business expectations can be achieved by decision-making managers. The IT accountability of the approved investments in IT is collectively shared among organizational designated members,⁸ taking into consideration that IT budget and its related venture plan are genuine and cohesive with the financial plans of the organization. Identifying and acquiring a novel IT solution must be governed with the rising trend as a model for the organization. The service levels should be approved and controlled continuously as needed. Consequently, the significance of IT must always be evaluated, simplified, and established, proactively pursuing new ways to increase the input of IT value²³ as well as the applications of a robust IT project management.

Resource allocation

Ideal investment and proper organization of vital IT assets confirm the correct distribution of IT resources, lack of which is the main cause of failure to achieve the highest level of efficacy of IT resources and also to minimize the expenditures of these resources in many organizations.¹¹

Moreover, IT systems and services procurement must be decided and approved, and the management should disclose the proper investments regarding infrastructure and competencies by confirming assigned responsibilities, ensuring appropriate ways and means, and having sufficient expertise to uphold and care for the IT schemes and systems Zhang & Harte,²⁴ which are accompanied by a smart investment in workforce and proper IT-related human resource planning and recruitment, and a planned retention scheme of skilled IT staff.^25
–27

Risk management

RM is documented in various learning studies such as in the study by Drucker²⁸ as the critical essentials in manipulating the productivity and innovation in an organization, where it can be seen as the key activities to be implemented in the organization. RM entails performing risk awareness, risk understanding, and assessing the organizational desire for risk. According to Aven,²⁹ understanding risk compliance, the nature of risks and adapting risk accountabilities measures are a must to ensure a proper RM.

Performance measurement

Notwithstanding the prominence of PM, there is no commonly accepted definition. It is about monitoring, evaluating, and reporting achievements to support sound management, but it can include the more broad concepts of economy, productivity, efficacy, influence, quality, safety, and timeliness.³⁰ It has been asserted that PM could include both separate and cooperative performance and as a mutual arrangement. PM with COBIT ripostes on how to fit the IT function in supporting business requirements as in screening strategy execution, resource utilization, progression performance, and service delivery. Tools such as balanced scorecards are used to help translate strategies into action plans to reach goals that are measurable beyond general accounting. According to Gerschewski and Xiao,³¹ efficient and timely measures intended for addressing organizational concerns must be endorsed via the organizational governance structure. Therefore, management needs to spread governance that is already implemented across the enterprise to IT through an efficient IT governance structure that focuses on strategic alignment, RM, value delivery and resource management and PM.²⁷ It has been also asserted that IT governance is a vital component of the organizational governance structure, which is built upon three pillars: leadership, organizational processes, and structures, ensuring that organization’s IT applications are set to achieve and encompasses the organization’s policies and goals. Also, this requires that IT board of executives and top management assume all responsibilities and the application of an IT governance framework.³²

Research model and hypotheses

IT governance framework introduced by COBIT comprises four goals that constitute and direct IT governance: RM, alignment, PM, and value delivery, where each of these goals needs to be examined as components of IT governance applications.

The research model was adopted based on the above literature, with the objective of discussing and validating the IT governance (COBIT framework) based on the selected sample, wherein the hypothesized model selected the five pillars as proposed, which are raised as research questions; whether the five pillars can be explained significantly on the COBIT framework application behavior in the chosen region and sample, more specifically, are there a direct valid noteworthy relationship between IT governance (ITGOV) and value delivery (ITVD), IT/business alignment (ITBA), resource allocation (ITRESOUR), risk management (ITRESKM), and performance measurement (PERFORMA).

Research hypothesis

As discussed in the literature, IT governance activities are designed for the purpose of confirming that IT potentials can be attained, IT performance can be optimized, and IT risks can be avoided or mitigated.

Figure 1.

Initial (Hypothesized) model of ITGOV is designed by authors and generated using EQS 6.3. ITGOV: IT governance.

Therefore, progression of IT governance should be from the setting of the organization’s IT objectives, followed by the way of establishing routines, following which the performance can be measured and tested against the proclaimed goals, leading to redesigning actions where it is needed and appropriated. The authors develop the proposed coherent model and formulate the research hypotheses to provide the statistical validation to confirm that IT governance pillars proposed by COBIT are explained in one dimension, which is the first original research that confirms that these subdimensions are statistically explained for IT governance framework as suggested by COBIT.

Hypothesis 1

There is a valid and significant relationship between IT governance and its pillars (goals alignment, value delivery, resource allocation, risk management, and performance measurement).

H_1a : There is a positive relationship between business goals alignment and IT governance application.

H_1b : There is a positive relationship between delivery and IT governance application.

H_1c: There is a positive relationship between resource allocation and IT governance application.

H_1d: There is a positive relationship between risk management and IT governance application.

H_1e: There is a positive relationship between performance measurement and IT governance application.

Methodology and data analysis

This research adopts the positivist research methodology, based on the need for quantitative data to meet the goals of this research and to carry out the required data analysis. Also, the researcher needs to understand the structure of the study variables and the relation between the variables and the constructs of the proposed mode. Considering the advantages and disadvantages of the mail questionnaire as it is widely known in comparison with other data collection methods, the study adopted the survey methods to satisfy the previously mentioned constraint. The data collection tool was developed based on an extensive literature examination and on utilizing some of the related existing measures, where initial concepts were conceived. The key concepts are based on COBIT IT governance framework which is used to construct the ITGOV characteristics value of model pillars.

Measurement strategy and operationalization of the model variables

The elements of model variables in this research were operationalized utilizing meticulous statistical procedures, beginning with factor analysis moving to internal consistency test, confirmatory factor analysis (CFA), establishing construct reliability, and summated scale procedures, and, finally, the outcome variables were analyzed using structural equation modeling. These statistical procedures are very common among many researchers. This study adopted the sequence of statistical methods for multivariate data analysis presented in Hair et al.³³ A summary of the CFA results, the internal consistency test, and the composite reliability test is given in Table 1.

Table 1.

Explanatory factor analysis results.

Items	KMO	Loading range	TVE	Cronbach’s α
ITBA (1–5)	0.82	0.86–0.70	0.60	0.83
ITVD (1–5)	0.83	0.82–0.77	0.63	0.85
ITRESOU (1–5)	0.81	0.78–0.67	0.55	0.79
ITRiskM (1–5)	0.81	0.86–0.72	0.61	0.84
ITPerfom (1–5)	0.81	0.83–0.50	0.54	0.83

KMO: Kaiser–Meyer–Olkin measure of sampling adequacy; TVE: total variance explained; ITBA: IT business alignment; ITVD: IT value delivery; ITRiskM: IT risk management; ITPerfma: IT performance.

Data analysis progression

The authors used sequential statistical techniques to accomplish the following research objectives:

Explanatory factor analysis (EFA) using principle components analysis with varimax rotation to define the underlying dimensions.

Assess scale reliability using the internal consistency measure (Cronbach’s α).

CFA to further validate the result of EFA by establishing convergent and discriminate validity.

Assess the composite reliability of the measurement using the construct reliability arising out of the CFA.

Creating a summated scale for all variables loading significantly on one factor by combining several of these variables into one composite measure.

Developing a structural model based on the composite measures and linking the hypothesized model’s constructs.

Investigating and providing interpretations of the results of the structural equation models.

Research sample

A purposeful sample was adopted for the study, by selecting 179 respondents representing 40 private organizations from Arab countries (Middle East) that capitalized heavily on IT, applications, and tools for their business process and services delivery.

Each of these companies must fulfill two criteria. First, the organization must have fully operational information system, a dedicated IT function, and allocated and utilized a sizable IT investment budget. A valid sample data examine the hypothesized model of the study. A survey questionnaire was used to collect the required data for the study.

Model validity

The evaluative measures of the quantitative research are based on some criteria of scientific rigors. The first concern of the evaluative measures of the quantitative research is the issue of validity, where validity is manifested as the degree to which a measure(s) correctly represents the concept of the study and where validity is concerned with how well the measure defines the concept. There is no easy, single way to evaluate the validity of a concept; there is a great variety of methods for establishing the validity of measuring instrument. The research adopted and utilized the most common type of validity that is most frequently cited in quantitative research.³³ The model validity was achieved via three tests of commonly used validity measures.

Content validity refers to whether the scale measures the concept it is intended to measure. Since a panel of experts scrutinized the overall questionnaire, this suggested that the content validity of our questionnaire was established.

Convergent validity was evaluated through CFA by investigating both the extent of the factor loadings of the observed variables regarding their relevant latent variables and whether those factor loadings were statistically different from zero. All factor loadings were to an adequate extent and significantly different from zero at the p = 0.05 level.

Discriminant validity is assessed by examining the cross-factor loadings of one observed variable onto all latent constructs on which high loadings were not expected to represent a discriminant validity. All cross-factor loading was insignificant and less than 0.5. The CFA was also carried out as a means of establishing the discriminant validity. All results of the CFA supported the presence of discriminant validity.

Normality

The normality is used to assess the value of data distribution that matches up with the bell-shaped normal distribution, the values of kurtosis and skewness, and standard deviation (SD) is deemed to be the determinate indicators of data normality. Skewness value indicates the symmetry of the distribution, where kurtosis value measures the flatness and peaked of the sample data concerning a bell-shaped normal distribution; both values have to be less than 1, while SD must not exceed three SD values and the sample meet the normality requirements (see Table 2).

Table 2.

Normality results.

	ITBA	ITVD	ITRESOUR	ITRISKM	PERFORMA
Variable	V1	V2	V3	V4	V5
Mean	3.4798	3.3081	3.4222	3.2382	3.4202
Skewness	−0.4721	−0.2234	−0.3639	−0.5721	−0.4952
Kurtosi	−0.0915	−0.3777	−0.1207	0.1412	−0.0775
Standard Dev.	0.7616	0.8008	0.7262	0.7988	0.6727

ITVD: IT value delivery; ITBA: IT business alignment; ITRiskM: IT risk management.

The proposed model was analyzed using EFA in SPSS [version 21]. The results showed a one-factor solution for all ITGOV pillars with a heavy correlation score loadings, and all were accepted indicators (see Table 1).

The proposed model was analyzed using confirmatory factor methods to study the significance of the proposed study model using MVSOT application “EQS 6.3” (see Table 3).

Table 3.

Model-fit indicators.

Fit indicators	Benchmarks	Model values
Chi-square (χ²)	–	1.235
Probability (p)	≥0.05	0.266
Bentler–Bonett normed fit index	≥0.9	0.998
Comparative fit index	≥0.9	1.000
Goodness of fit index	≥0.9	0.997
Root mean square error	≤0.1	0.036
Model Cronbach’s α	≥0.5	0.908

From the stated results, it can be concluded that all fit measurement indicators prove that the hypothesized model is accepted and, thus, the model was adopted for hypothesis testing of this study.

Model testing

The coefficient of determination (R ²) was used to test the hypotheses of the proposed model, where R ² reflects the size effect of the full structural model. Standardized coefficients (β) used to thoroughly examine the scale of the impact; a weak relationship is indicated as β moves closer to zero, while strong if the opposite happens (see Table 4).

Table 4.

Model measurement.

Relationship path	Standardized beta (β)	T statistics	R ²	Significance at 0.05
ITGOV = f (ITBA)	0.705	7.97	0.50	√
ITGOV = f (ITVD)	0.875	5.00	0.77	√
ITGOV = f (ITResM)	0.801	7.82	0.64	√
ITGOV = f (ITRiskM)	0.891	4.42	0.80	√
ITGOV = f (ITPerfma)	0.840	7.14	0.71	√

ITGOV: IT governance; ITBA: IT business alignment; ITVD: IT value delivery; ITResM: IT resource management; ITRiskM: IT risk management; ITPerfma: IT performance.

ITGOV measurement model debates the significant association between ITGOV and its pillars (ITBA, ITVD, ITResM, ITRiskM, and ITPerfma) as indicated by the study. The latent factor (ITGOV) and the five independent factors show a clear positive significant relationship. It can be noted from Table 4 that T-statistic is significant at 0.05 for all relations, accepting all relationships of the representative ITGOV pillars. Also, it can be concluded from Table 5 that the “risk management” factor has the highest impact on ITGOV, with a β value of 0.900, followed by “value delivery” and “business alignment,” having the least impact with a β value of 0.710 (see Table 5).

Table 5.

Descending impact of COBIT IT governance pillars according to beta.

Order	Pillar	Standardized β
1	IT risk management	0.900
2	IT value delivery	0.880
3	IT performance	0.840
4	IT resource management	0.801
5	IT business alignment	0.710

Figure 2.

Structured model results of ITGOV is generated by EQS 6.3. ITGOV: IT governance.

Discussion and conclusion

The findings of the final research model indicated clearly the acceptance of the characteristic value of the proposed model variables, where the ITGOV composite factors—performance management, risk management, resource management, value delivery, and alignment—had a significant influence on the behavior of the ITGOV application within the sample of service companies chosen for the study.

The results should guide ITGOV application as it will help in the process of IT planning. To ensure performance management, managers should consider exposing and strengthening the trend to attain assurance, control, and comfort about major IT decisions. CIO cooperation to ensure IT performance is properly linked to business goals. It is essential to monitor service levels, address IT performance problems, and adopt corrective actions. With regard to priorities, managers should practice the day-to-day management and verification of IT processes and controls for a successful process performance. Considering RM as the factor with the highest impact of ITGOV application, managers must ensure the implementation of an IT control framework, monitor IT risks are mitigated efficiently and explore the business impact on the enterprise as well as make risk likelihood transparent to the stakeholders. Managers should also ensure that all critical roles in managing IT risks are appropriately defined and staffed. In order to maximize the benefit of resource management, companies should capitalize on its information and knowledge, have enable an effective IT performance through wise resources allocation, and establish business priorities and organizational structures; and companies should make responsibilities flexible enough to facilitate IT strategy implementation and information sharing and thereby the insurance of the availability of suitable IT resources. Value delivery can be attained through shared duty and concern of IT investments between the IT and the business, where business and executive expectations about IT are managed. Budgeting and IT investment planning have to be representative of and cohesive with the overall goals, taking into consideration the financial reporting of an accurate IT accounting. The service levels should be approved and controlled continuously as well as a tendency to recognize and attain new IT services. The value of IT must be periodically assessed, clarified, and demonstrated, always pursuing new ways to rise IT contribution proactively. Finally, a strong IT project management disciplines must be established. With regard to alignment factor, IT plans and processes must be affiliated and unified with business goals and operations, while plan and objectives should always be interpreted into operational missions. A clear guarantee from the executives for the main IT projects is also imperative. IT capabilities should be enforced to be reflected in the daily IT operations, ensuring IT strategy implementation according to current IT principles and guidelines. This study provides a clear picture in considering the pillars as most important in the ITGOV system to achieve sustainability and prosperity, and it is also noted that service companies also need to create a more sound understanding of the strategies of the long-term planning and alignment between IT assets and business development projects. Finally, the research findings establish a scientific support to the link academic studies and practical implementations of this concept, which was revealed by ITGI as a non-academic organization to help companies realizing the importance of IT governance and focusing their efforts on IT planning and implementation in addition to increasing the awareness of IT governance mechanisms and applications among decision makers. As per to authors’ knowledge; this research is the first original one that statistically proves and confirms the sub-dimensions of COBIT as a coherent IT governance framework as suggested by ITGI.

Footnotes

Acknowledgments

The authors would like to thank all who responded to the distributed questionnaire. They are also grateful to all managers who support this research to see the light.

Declaration of conflicting interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) received no financial support for the research, authorship, and/or publication of this article.

References

Afandi

. Information technology governance role in enhancing IT portfolio management: a case study on Saudi Arabia private sector. Int J Res Rev Appl Sci 2016; 26(1): 47.

Luftman

. Managing the information technology resources. New Jersey: Pearson Prentice Hall, 2004.

IT Governance Institute. IT governance roundtable: IT governance frameworks, 2008. IL, USA.

Weill

Ross

. IT governance: how top performers manage IT decision rights for superior results . Boston: Harvard Business Press, 2004.

Boynton

Jacobs

Zmud

. Whose responsibility is IT management? MIT Sloan Manage Rev 1992; 33(4): 32.

Spremić

MARIO

. IT governance mechanisms in managing IT business value. WSEAS Trans Info Sci Appl 2009; 6(6): 906–915.

Alreemy

Chang

Walters

. Critical success factors (CSFs) for information technology governance (ITG). Int J Info Manage 2016; 36(6): 907–916.

Pereira

da Silva

. A literature review: IT governance guidelines and areas. In Gil-Garcia

Helbig

Ojo

(Ed.), 6th International Conference on Theory and Practice of Electronic Governance Albany, NY, USA: ACM. 2012, pp. 320–323.

Delone

Mclean

. The Delone and Mclean model of information systems success: a ten-year update. J Manage Info Sys 2003; 19(4): 9–3.

10.

ITGI. COBIT 4.1 framework control objectives management guidelines maturity models. Illinois: The IT Governance Institute (ITGI), www.itgi.org, 2007.

11.

Al Qassimi

Rusu

. IT governance in a public organization in a developing country: a case study of a governmental organization. Proc Comp Sci 2015; 64: 450–456.

12.

de Souza

Tonelli

Zambalde

. Evaluating IT governance practices and business and it outcomes: a quantitative exploratory study in Brazilian companies. Proc Technol 2014; 16: 849–857.

13.

Chang

Walters

Wills

. The development that leads to the cloud computing business framework. Int J Info Manage 2013; 33(3): 524–538.

14.

Chang

Walters

Brian

. Organisational sustainability modelling: an emerging service and analytics model for evaluating cloud computing adoption with two case studies. Int J Info Manage 2016; 36(1): 167–179.

15.

Chang

. The business intelligence as a service in the cloud. Future Gener Comput Syst 2014; 37: 512–534.

16.

Lunardi

Becker

Maçada

. The impact of adopting IT governance on financial performance: an empirical analysis among Brazilian firms. Int J Account Info Syst 2014; 15(1): 66–81.

17.

Goldman

Ahuja

. Integration of COBIT, balanced scorecard and SSE-CMM as an organizational & strategic information security management (ISM) framework. In ICT Ethics and security in the 21st century: new developments and applications. IGI Global. 2011, pp. 277–309.

18.

Rodríguez

Son

. eGovernment standard framework. In: 15th annual international conference on digital government research, 2014, pp. 316–321. New York: ACM.

19.

Alaceva

Rusu

. Barriers in achieving business/IT alignment in a large Swedish company: what we have learned? Comp Human Behavior 2014; 51: 715–728.

20.

Masa’deh

Hunaiti

Yaseen

. An integrative model linking IT-business strategic alignment and firm performance: the mediating role of pursuing innovation and knowledge management strategies. Communicat IBIMA 2008; 2: 180–187.

21.

El-Mekawy

Rusu

Perjons

. An evaluation framework for comparing business-IT alignment models: a tool for supporting collaborative learning in organizations. Comp Human Behavior 2015; 51: 1229–1247.

22.

Doherty

Shakur

Ellis-Chadwick

. The role of e-service quality management in the delivery business value. J Retail Consum Ser 2015; 27: 52–62.

23.

Zhu

Zhao

Tang

. Leveraging e-business process for business value: a layered structure perspective. Info Manage 2015; 52(6): 679–691.

24.

Zhang

Harte

. Population dynamics and competitive outcome derive from resource allocation statistics: The governing influence of the distinguishability of individuals. Theoretical population biology 2015; 105: 53–63.

25.

Bowman

Davis

Wetherbe

. Three stage model of MIS planning. Info Manage 1983; 6(1): 11–25.

26.

Boynton

Zmud

. Information technology planning in the 1990s: directions for practice and research. MIS Quart 1987; 11(1): 58–71.

27.

Hammami

Alkhaldi

. Enhancing BI systems application through the integration of IT governance and knowledge capabilities of the organization. In: Rahman El Sheikh

Alnoukari

(eds) Business intelligence and agile methodologies for knowledge-based organizations: cross-disciplinary applications. Hershey: Business Science Reference, 2012, pp. 161–182.

28.

Drucker

. Management challenges for the 21st century. New York: Harper Collins, 1999.

29.

Aven

. Risk assessment and risk management: review of recent advances on their foundation. Eur J Operat Res 2016; 253(1): 1–13.

30.

Hyder

Hebl

. Performance measurement to demonstrate value. Anesthesiol Clin 2015; 33(4): pp. 679–696.

31.

Gerschewski

Xiao

. Beyond financial indicators: an assessment of the measurement of performance for international new ventures. Int Bus Rev 2015; 24(4): 615–629.

32.

Ward

Peppard

. The strategic management of information systems: building a digital strategy. New Jersey: John Wiley & Sons, 2016.

33.

Hair

William

Babin

. Multivariate data analysis. 7th ed. Pearson, 2010.

Understanding value characteristics toward a robust IT governance application in private organizations using COBIT framework

Abstract

Keywords

Introduction

IT governance

IT governance framework

IT governance objectives

Information technology governance framework (COBIT)

IT governance pillars by COBIT

IT/Business strategic alignment

Business value delivery

Resource allocation

Risk management

Performance measurement

Research model and hypotheses

Research hypothesis

Hypothesis 1

Methodology and data analysis

Measurement strategy and operationalization of the model variables

Data analysis progression

Research sample

Model validity

Normality

Model testing

Discussion and conclusion

Footnotes

Acknowledgments

Declaration of conflicting interests

Funding

References