How to Improve Board Accountability in ISO/IEC 38500 Based on IT Governance Implementations

With the standardization of Information Technology (IT) governance through ISO/IEC 38500 in the last decade, a good number of organizations have implemented IT governance (ITG) frameworks. Although it is not a fully extended practice. Given the fact that the use of balanced score cards (BSC) on ITG is not an unknown practice, the application of BSC in the implementation of ISO/IEC 38500 has been given less importance, since it normally appears as just examples of good practices. This work not only explains why the BSC's applicability to align IT with business in ISO/IEC 38500 implementations is not included in the standard, but also justifies the importance of BSC to report to the board or senior executive team in a clear way, without the details of the particular implementation framework of the standard. Thus, a framework that allows implementing IT BSCs within the context of IT governance is proposed, cascading objectives included in the strategic map through the tactical and operational level and backwards on the construction of the KPIs to better monitor IT.

Download Full-text

Factors Affecting Business and Information Technology Alignment at the Lower Levels of a Public Organisation

International Journal of Healthcare Information Systems and Informatics ◽

10.4018/ijhisi.2018070103 ◽

2018 ◽

Vol 13 (3) ◽

pp. 35-48

Author(s):

Sid Vatharkar ◽

Ping Gao ◽

Vladislav Fomin

Keyword(s):

Information Technology ◽

Healthcare Organisation ◽

Senior Executive ◽

Structured Interviews ◽

Factors Affecting ◽

Operational Level ◽

Public Organisation ◽

Executive Level ◽

Management Expectations

This article describes how the alignment of business and information technology (IT) strategies impact organisational performance. The alignment involves an entire organisation. However, much of the research has focused on the factors affecting alignment at the senior executive level, and there appears to be less attention placed upon factors that affect the lower operational levels. This article attempts to address this gap in the literature through a case study of a healthcare organisation. Semi-structured interviews with ten employees at an operational level were qualitatively analysed to elucidate factors. Organisational culture, management expectations, communication, and the provision and recognition of skills were identified as main factors that may affect the alignment of business and IT strategies at the lower levels

Download Full-text

Achieving It Governance Of Social Media At Strategic And Operational Levels

International Business & Economics Research Journal (IBER) ◽

10.19030/iber.v15i4.9753 ◽

2016 ◽

Vol 15 (4) ◽

pp. 147-162

Author(s):

Petro Gerber

Keyword(s):

Information Technology ◽

Social Media ◽

It Governance ◽

Operational Level ◽

Control Framework ◽

Integrated Information

Social media offers great opportunities for businesses, and the use thereof will increase competitiveness. However, social media also introduces significant risks to those who adopt it. This study was undertaken to identify incremental risks resulting from the adoption of social media by businesses and to develop an integrated Information Technology (IT) governance control framework to address these risks. In order to overcome the IT gap, these risks are addressed both at strategic and operational levels. With the help of the processes in Control Objectives for Information Technology and Related Technology (COBIT) 5, this study provides safeguards or controls that can be implemented to address the IT risks that social media introduces to a business. A business can ensure that it successfully governs the IT-related risks at a strategic level through the implementation of the safeguards and controls identified from COBIT 5. This study also briefly discusses the steps that a business can follow to ensure IT-related risks at an operational level are addressed through the implementation of configuration controls.

Download Full-text

Proposed Practices To Mitigate Significant Mobility Security Risks

International Business & Economics Research Journal (IBER) ◽

10.19030/iber.v14i1.9072 ◽

2014 ◽

Vol 14 (1) ◽

pp. 199 ◽

Cited By ~ 1

Author(s):

Johanna Catherina Brand ◽

Wandi Kruger-Van Renen ◽

Riaan Rudman

Keyword(s):

Information Technology ◽

Mobile Devices ◽

It Governance ◽

Security Threat ◽

Security Risks ◽

Fast Growing ◽

Operational Level ◽

Effective Manner ◽

Specific Technology

Enterprise mobility is emerging as a fast-growing trend worldwide. Numerous risks originate from using mobile devices for business-related tasks and most of these risks pose a significant security threat to organisations information. Information Technology (IT) governance frameworks can provide guidance in managing these risks at a strategic level, but these frameworks do not effectively govern on a technical operational level. Implementation of these frameworks may also be inefficient, as they are generic and do not necessarily cover all the risks relating to a specific technology. This study provides organisations with guidance on how to govern these enterprise mobility security risks in an effective manner at both a strategic and an operational level. Using three IT governance frameworks, this study identified 12 practices that companies can employ to mitigate significant mobility security risks.

Download Full-text

Methodology of synchronization among strategy and operation. A standards-based modeling approach

Ingeniería e Investigación ◽

10.15446/ing.investig.v37n2.60869 ◽

2017 ◽

Vol 37 (2) ◽

pp. 111-119

Author(s):

VICTOR EDWIN COLLAZOS ◽

HELGA DUARTE AMAYA

Keyword(s):

Information Technology ◽

Information System ◽

Enterprise Architecture ◽

Business Processes ◽

Modeling Approach ◽

Operational Level ◽

Alignment Process ◽

Level Design ◽

High Level ◽

Help Model

Enterprise Architecture (EA) has gained importance in recent years, mainly for its concept of “alignment” between the strategic and operational levels of organizations. Such alignment occurs when Information Technology (IT) is applied correctly and timely, working in synergy and harmony with strategy and the operation to achieve mutually their own goals and satisfy the organizational needs.Both the strategic and operational levels have standards that help model elements necessary to obtain desired results. In this sense, BMM and BPMN were selected because both have the support of OMG and they are fairly well known for modelling the strategic level and operational level, respectively. In addition, i* modeling goal can be used for reducing the gap between these two standards. This proposal may help both the high-level design of the information system and to the appropriate identification of the business processes that will support it.This paper presents a methodology for aligning strategy and the operation based on standards and heuristics. We have made a classification for elements of the models and, for some specific cases, an extension of the heuristics associated between them. This allows us to propose methodology, which uses above-mentioned standards and combines mappings, transformations and actions to be considered in the alignment process.

Download Full-text

Framing Information Technology Governance in the Public Sector: Opportunities and Challenges

International Journal of Electronic Government Research ◽

10.4018/ijegr.2015100105 ◽

2015 ◽

Vol 11 (4) ◽

pp. 89-101 ◽

Cited By ~ 2

Author(s):

Khalifa Al-Farsi ◽

Ramzi EL Haddadeh

Keyword(s):

Decision Making ◽

Information Technology ◽

Public Sector ◽

It Governance ◽

Decision Makers ◽

The Public ◽

Technology Governance ◽

Support Organizations ◽

Information Technology Governance ◽

Decision Making Processes

Information technology governance is considered one of the innovative practices that can provide support for decision-makers. Interestingly, it has become increasingly a de facto for organizations in seeking to optimise their performance. In principle, information technology governance has emerged to support organizations in the integration of information technology (IT) infrastructures and the delivery of high-quality services. On the other hand, decision-making processes in public sector organisations can be multi-faceted and complex, and decision makers play an important role in implementing technology in the public sector. The aim of this paper is to shed some light on current opportunities and challenges that IT governance is experiencing in the context of public sector services. In this respect, this paper examines the factors influencing the decision-making process to fully appreciate IT governance. Furthermore, this study focuses on combining institutional and individual perspectives to explain how individuals can take decisions in response to institutional influences.

Download Full-text

Analisis Information Technology Governance Pada PT. Pertamina (Persero)

JURNAL INFOTEL ◽

10.20895/infotel.v5i1.113 ◽

2013 ◽

Vol 5 (1) ◽

pp. 52

Author(s):

Sisilia Thya Safitri

Keyword(s):

Information Technology ◽

Corporate Governance ◽

It Governance ◽

Technology Governance ◽

Information Technology Governance ◽

Code Of Corporate Governance

Information Technology Governance (IT Governance) merupakan faktor penting bagi organisasi atau perusahaan dalam memanfaatkan teknologi informasi. Adanya IT Governance akan memberikan jaminan bahwa pemanfaatan teknologi informasi dapat sejalan dengan tujuan organisasi. PT. Pertamina (Persero) sebagai perusahaan minyak berskala nasional yang telah berkomitmen untuk memberikan kontribusi yang terbaik bagi perekonomian Indonesia telah melakukan transformasi perusahaan menjadi dua tema besar, yaitu fundamental dan bisnis. Untuk mendukung komitmen tersebut, maka diperlukan peran IT yang besar. Pada Code of Corporate Governance PT.Pertamina, dicantumkan mengenai pentingnya penerapan IT Governance dalam mendukung proses bisnis yang dilakukan PT. Pertamina.

Download Full-text

PERFORMANCE MEASUREMENT OF INFORMATION TECHNOLOGY GOVERNANCE: A CASE STUDY

Jurnal Sistem Informasi ◽

10.21609/jsi.v12i2.477 ◽

2016 ◽

Vol 12 (2) ◽

pp. 57 ◽

Cited By ~ 1

Author(s):

Johanes Fernandes Andry

Keyword(s):

Information Technology ◽

Performance Measurement ◽

Business Processes ◽

Standard Procedure ◽

It Governance ◽

Competitive Advantages ◽

Technology Governance ◽

Information Technology Governance ◽

Freight Forwarder ◽

Key Aspects

Established in 2001, XYZ Cargo is a Freight Forwarder Service Company specialized in the logistic transportation located in Jakarta. XYZ Cargo has broad experiences in both ocean freight and air freight service and has more than sixty agents of partnership around the world. XYZ Cargo has implemented Information Technology (IT) that covers all key aspects of business processes of the enterprise. It has an impact on the strategic and competitive advantages of its success. Many organizations have started implementing IT governance in order to achieve the collaboration between business and IT. The purpose of this research is to get an overview of performance measurement of the currently-running IT Governance with several aspects to consider such as effectiveness, efficiency, functional unit of information technology within an organization, data integrity, safeguarding assets, reliability, confidentiality, availability, and security. The analytical tool used in this research is the COBIT 5 standard procedure by ISACA. The result of IT Governance based on COBIT 5 in domain EDM, shows average values at the level of 2.0 until 2.7 (managed process) for EDM01, EDM02, EDM03 and 1.3 until 1.7 (performed process) for EDM04, EDM05.

Download Full-text

INFORMATION TECHNOLOGY PLAN AS AN IT GOVERNANCE MATURITY DRIVER

Jurnal Sistem Informasi ◽

10.21609/jsi.v5i1.262 ◽

2012 ◽

Vol 5 (1) ◽

pp. 50

Author(s):

Budi Yuwono ◽

Rein Nusa Triputra ◽

Muhammad Nasri

Keyword(s):

Information Technology ◽

It Governance ◽

The Other ◽

Base Line ◽

Maturity Level ◽

Governance Mechanisms ◽

Technology Plan ◽

Government Institutions ◽

Other Hand

Having an information technology (IT) plan is a minimum baseline for optimal IT governance. But, creating a plan is only one problem, executing it poses even more challenging problems. In this research, we investigate the correlation between an organization’s IT plan and the organization’s IT governance maturity level. We show that, on one hand, executing an IT plan requires a certain IT governance maturity level, on the other hand, the experience of executing an IT plan drives the organization IT governance maturity level. We compare the situations in two government institutions and found indications that the organization with an ambitious IT plan has more mature IT governance than the other whose IT plan is relatively modest. The results suggest that an effective IT plan should include plans for the development of IT governance mechanisms relevant to the goals that the plan is intended to achieve, and the plan’s implementation schedule, also known as the IT roadmap, should take into consideration the growth of the IT governance mechanisms’ maturity levels. Memiliki rencana untuk teknologi informasi (TI) adalah base line untuk tata kelola TI yang optimal. Tapi, membuat rencana hanyalah satu masalah, melaksanakannya akan menciptakan masalah baru yang lebih menantang. Dalam penelitian ini, kami menyelidiki korelasi antara rencana TI suatu organisasi dengan tingkat maturity tata kelola TI-nya. Kami menunjukkan bahwa, di satu sisi, untuk melaksanakan rencana TI memerlukan tingkat kematangan tata kelola TI tertentu, di sisi lain, pengalaman dalam menjalankan rencana TI mendorong organisasi dalam meningkatkan tata kelola TI. Kami membandingkan situasi di dua lembaga pemerintah dan menemukan indikasi bahwa organisasi dengan rencana TI yang ambisius memiliki tata kelola TI lebih matang dari organisasi yang rencana TI-nya relatif sederhana. Hasil penelitian menunjukkan bahwa perencanaan TI yang efektif harus mencakup rencana untuk pengembangan mekanisme tata kelola TI yang relevan dengan tujuan yang ingin dicapai, dan jadwal pelaksanaan rencana atau roadmap TI, harus mempertimbangkan pertumbuhan tingkat mekanisme tata kelola TI.

Download Full-text

Tata Kelola Teknologi Informasi Pada Sektor Publik: Penyelarasan Teknologi Informasi Dengan Visi Kepemimpinan (Studi Kasus: Kota Salatiga dan Kabupaten Bengkayang)

Jurnal Teknologi Informasi dan Ilmu Komputer ◽

10.25126/jtiik.2021865379 ◽

2021 ◽

Vol 8 (6) ◽

pp. 1319

Author(s):

Andeka Rocky Tanaamah ◽

Agustinus Fritz Wijaya ◽

Sarah Ayu Maylinda

Keyword(s):

Information Technology ◽

Good Governance ◽

It Governance ◽

Implementation Strategies ◽

It Services ◽

Adoption Of Technology ◽

The Public ◽

Technology Governance ◽

Information Technology Governance ◽

Private And Public

Tata kelola Teknologi Informasi (TI) dibutuhkan di suatu organisasi pada saat ini menjadi perhatian utama dalam mengembangkan layanan yang telah berbasis TI. Adanya kebutuhan untuk menghasilkan kualitas layanan TI yang kredibel dan transparan telah mendorong setiap organisasi baik sektor swasta maupun sektor publik. Beberapa penelitian menunjukkan bahwa 75% adopsi suatu teknologi sering berujung kegagalan. Persoalan utama yang menyebabkan kegagalan implementasi Information Technology Governance (ITG) terletak pada operasional TI. Penelitian ini bertujuan untuk: 1) mengidentifikasi faktor-faktor kepemimpinan yang menitikberatkan kepada TI berpengaruh dalam keberhasilan maupun kegagalan implementasi tata kelola TI; (2) Sejauh mana mana visi kepemimpinan dapat mendorong implementasi ITG pada Sektor Publik. Metode kualitatif digunakan untuk memecahkan masalah tersebut, lokasi penelitian ini berada di Kota Salatiga dan Kabupaten Bengkayang. Dalam penelitian ini ditemukan faktor-faktor yang berperan seperti: komitmen kepala daerah, kemampuan dalam menjabarkan visi dan misi, ketersediaan regulasi dan aturan, dukungan untuk mengimplementasikan TI, kemampuan dalam konsolidasi dan pengelolaan, penataan kelembagaan, dukungan dan alokasi anggaran, ketersediaan infrastruktur, sumber daya manusia, dan kemampuan dalam mengembangkan strategi implementasi. Oleh karena faktor tersebut, dukungan visi kepemimpinan dalam mengembangkan tata kelola pemerintahan dapat menjadi basis reformasi birokrasi. AbstractInformation Technology (IT) governance is required in an organization is currently a major concern in developing IT-based services. The need to produce quality IT services that are credible and transparent has encouraged every organization, both private and public sectors. Several studies show that 75% of the adoption of technology often leads to failure. The main problem that causes the failure of the implementation of Information Technology Governance (ITG) lies in IT operations. This study aims to: 1) identify leadership factors that focus on IT that influence the success or failure of IT governance implementation; (2) The extent to which the leadership vision can encourage the implementation of ITG in the Public Sector. Qualitative methods are used to solve the problem, the location of this research is in Salatiga City and Bengkayang Regency. This study found factors that play a role such as the commitment of the regional head, the ability to describe the vision and mission, the availability of regulations and rules, support for implementing IT, the ability to consolidate and manage, institutional structuring, support, and budget allocation, availability of infrastructure, resources human resources, and the ability to develop implementation strategies. Because of these factors, the support for the vision of leadership in developing good governance can be the basis for bureaucratic reform.

Download Full-text

Securing Cloud Computing Through IT Governance

INFORMATION TECHNOLOGY IN INDUSTRY ◽

10.17762/itii.v7i1.62 ◽

2021 ◽

Vol 7 (1) ◽

Author(s):

Salman M. Faizi, Shawon Rahman

Keyword(s):

Information Technology ◽

Cloud Computing ◽

Information Security ◽

It Governance ◽

Security Governance ◽

Business Alignment ◽

Information Security Governance ◽

Business Needs ◽

Market Needs

Lack of alignment between information technology (IT) and the business is a problem facing many organizations. Most organizations, today, fundamentally depend on IT. When IT and the business are aligned in an organization, IT delivers what the business needs and the business is able to deliver what the market needs. IT has become a strategic function for most organizations, and it is imperative that IT and business are aligned. IT governance is one of the most powerful ways to achieve IT to business alignment. Furthermore, as the use of cloud computing for delivering IT functions becomes pervasive, organizations using cloud computing must effectively apply IT governance to it. While cloud computing presents tremendous opportunities, it comes with risks as well. Information security is one of the top risks in cloud computing. Thus, IT governance must be applied to cloud computing information security to help manage the risks associated with cloud computing information security. This study advances knowledge by extending IT governance to cloud computing and information security governance.

Download Full-text