Developing a comprehensive IT governance framework for Iranian hospitals: a fuzzy Delphi approach

In the rapidly evolving landscape of business analytics and data management, optimizing IT governance and risk management is critical for ensuring data integrity and enhancing business decision-making processes. This paper explores innovative strategies for optimizing IT governance and risk management frameworks within the context of business analytics in the United States. Effective IT governance is essential for aligning IT strategies with business objectives, ensuring compliance with regulatory requirements, and mitigating risks associated with data management. The study emphasizes the importance of robust IT governance frameworks that incorporate clear policies, procedures, and controls to safeguard data integrity and support accurate business analytics. It highlights the role of risk management in identifying, assessing, and mitigating risks related to data security, privacy, and compliance. By integrating comprehensive risk management practices into IT governance, organizations can enhance their ability to make data-driven decisions while maintaining high standards of data integrity. Key components of effective IT governance and risk management discussed in this paper include the implementation of data governance policies, the adoption of risk assessment methodologies, and the establishment of continuous monitoring and audit mechanisms. The paper also examines the impact of emerging technologies, such as artificial intelligence and machine learning, on optimizing IT governance and risk management practices. Case studies from various U.S. organizations illustrate successful strategies for integrating IT governance and risk management with business analytics. These case studies provide practical insights into overcoming common challenges and achieving enhanced data integrity and business performance. The findings underscore the necessity for organizations to develop a cohesive IT governance framework that addresses risk management proactively and aligns with best practices in data analytics. Recommendations include adopting a holistic approach to IT governance, leveraging advanced technologies for risk mitigation, and fostering a culture of continuous improvement in data management practices.

We address the problematic IT governance in group-wide corporation. The challenge of IT transformation in corporation is the motivation for us to build up a suitable IT governance framework and operating model. We introduce preliminary methodology for comprehensive IT governance design, and detailed IT maturity model which is built up for IT transformation design. IT transformation map should be taken into account to design the implementation plan of IT governance. Finally we give an IT operating model and governance framework description.

The failure of many organisations over the years has led to a greater need for transparency and accountability. The Corporate Governance Framework, as developed by the King report, is the overarching framework that ensures that the board of directors are responsible for the governance of an organisation. The King III report implies that the board should also be responsible for IT governance because IT is a crucial and costly component that enables the achievement of organisational objectives. From several IT Governance frameworks that exist, the Bank of Namibia, through its integration initiative with the SADC Central Banks, has adopted COBIT 4.1 as an IT governance framework. COBIT 4.1 has several processes that directly aid the alignment of IT to business. A study of the implementation approach of the framework at the Bank and its effectiveness in ensuring the alignment of IT to the business functions was conducted. This study used a quantitative research methodological approach. A questionnaire was developed and was completed using a stratified sample of 35 individuals chosen from a target population comprised of the IT department, executive management and IT compliance champions in the Bank. The findings from the study revealed that a good understanding of what corporate and IT governance entails was evident in the Bank. Ninety-seven percent of the respondents indicated that IT is a key strategic tool that can be leveraged to achieve business goals. In the age of changing technology, the study revealed that the IT department is innovative and stays abreast with new technologies and trends. User awareness was not adequate and the study further revealed that only 49% of the respondents were involved in the IT governance project. The study revealed that top management supported the project. The study also reflected the positive role of IT auditing in the project. It was also noted that IT service delivery has improved and that benchmarking initiatives, as a result of the project, can lead to significant improvements in IT operations. The study revealed that the IT department understands business needs through a process facilitated by their annual departmental visits. The results from the departmental visits are well prioritised projects and IT projects that are tailored to support business goals. An IT steering committee, which was formulated, ensures that executive management is involved in key IT decisions and the reports on IT governance to the board and ensures that awareness is raised on that platform. It is recommended that an IT user awareness programme be established and an investment framework should also be established. It is recommended that the Bank adopts the COBIT 5 framework, which is a more holistic approach that focuses on governance as well as allowing for greater alignment between IT and business functions.

Due to the absence of a comprehensive framework for IT governance, the main objective of the study is to identify all components of IT governance and present them in the form of a comprehensive IT governance framework .The localization of provided framework for the automotive industry is the secondary objective of the study. In this regard, the research questions are: what is the comprehensive framework of IT governance? What are the components and dimensions of a comprehensive framework of IT governance? What is the localized comprehensive framework of IT governance for the Iranian automotive industry? All researches on IT governance were investigated using meta-synthesis qualitative method and were limited to 96 selected articles by performing a meta-synthesis process. Then, the five categories, 19 concepts and 79 codes of IT governance were identified through detailed study of these articles. Then, a comprehensive framework of IT governance was presented. For localizing, a questionnaire designed based on the identified IT governance components, and distributed among the automotive industry experts. Statistical hypothesis testing of collected data led to the rejection of cross/functional job rotation component in the automotive industry. To demonstrate the applicability of the framework, the IT governance status of ATLAS holding company was evaluated based on the comprehensive framework that localized for automotive industry.

Recent years have seen an unprecedented consolidation of best practice know-how in various areas of IT management. With it came a certain popularity of standards and reference models (COBIT, ITIL, CMMI, ISO/IEC 27000 family etc.) commonly classified as frameworks for IT governance. Each of these frameworks aims to support certain parts of IT management with best practice knowledge and enhances the quality of the delivered IT Services. But now we are facing a situation characterised by an abundance of these IT governance frameworks. In particular their combined or parallel usage increasingly creates redundancies and issues of complexity. To organise an efficient interaction between frameworks and to cope with their heterogeneity; e.g. in process semantics and description techniques; the application of these frameworks has become a lively issue of research. In this contribution the authors will reflect on the state of the art in comparing and integrating IT governance frameworks, analyse pros and cons of various approaches, and present their own approach based on metamodelling. The authors consider metamodelling a promising approach to close the gap between high-level comparison and detailed mapping as it allows an identification of redundancies and incoherent semantics on a framework-independent level. Promising an increasing return on investment, harmonisation is an important topic within IT departments (Siviy et al., 2007). This approach is a first step toward an integrated and harmonised handling of the meanwhile mandatory frameworks for IT management.

IT Governance frameworks such as COBIT, ITIL, and ISO have become the most important guidelines for IT Governance (ITG). These frameworks are used by organizations as a tool to evaluate their own ITG systems and to help the IT managers to bridge any gaps between the technical issues, business risks, and control requirements. The main objective of the research is to study the various IT governance frameworks used by the organizations and the challenges they face in compliance with the IT Governance framework, and the steps taken to overcome these challenges in the UAE. This objective was achieved by using a quantitative approach through a questionnaire felt by a sample of IT executives or IT professionals working at different private and public organizations in the UAE. The results of the study discovered that most of the organizations use ITIL and ISO as their preferred choice of the ITG framework, and the major challenge faced by the organizations in compliance with the ITG frameworks is the lack of people’s acceptance which overcomes by training people using tools and systems with the frameworks used in the organizations. This study provides useful information for future researchers to understand the challenges in implementing the ITG frameworks and how to overcome them in the context of the private and public sectors in the UAE.

Over years, research in Management Information Systems (MIS) has resulted in significant implications for organizations in a wide variety of areas by using socio-technical perspective, which has helped to deliver more business focused solutions. This study reports the results of an empirical examination of the effect of IT governance framework based on COBIT and Organizational Knowledge Pillars in enhancing the IT Governance framework (Business / IT Strategic alignment, Business value delivery, risk management, Resource management, performance measurement) to enhance the business intelligence application and usability within the organization. Quantitative method is adopted for answering the research questions. A questionnaire was used for data collection after contacting several companies, in addition confirmatory factor model and structural equation model were developed and tested and the overall results of the empirical investigation supported the general framework. Using confirmatory factor analysis techniques, the effects of the combination between IT governance factors seen by ITGI and organizational knowledge pillars of the firm on BI Systems application in it were tested and confirmed and the models were also verified. Several statistical methods were used for data analysis; moreover different statistical tools as software packages were employed such as SPSS 17 and EQS 6.1. The study proposes that knowledge management (KM) and IT Governance framework are vital organizational abilities that support business intelligence application; it also observes that combination of IT governance framework with organizational knowledge within the firm can enhance the organization’s BI system application and usability, and its goal is to advance the understanding of the relationships among these factors. The study develops and tested two main hypothesizes: (1) IT Governance framework supports business intelligence application. (2) Organizational knowledge, in turn, leads to support business intelligence application.

A large number of studies has been carried out on IT governance during the last decade, with the aim to support companies in implementing IT governance frameworks aligned with the business strategy. However, companies which create value and develop competitive advantage through an intensive use of Enterprise Resource Planning (ERP) and Business Intelligence Systems (BIS), should implement an IT governance framework tailored on Critical Success Factors (CSFs) of both systems. To organise the main studies on IT governance frameworks, as well as to support companies in designing (or reviewing) their IT governance framework by considering the CSFs of ERP and BIS, a conceptual framework is introduced and discussed. The insights arising from this study are supported by the literature and suggest that an IT governance framework should be designed by considering the ERP and BIS critical success factors, especially in companies whose success heavily depends on such systems.

The purpose of this exploratory research paper is to evaluate the deployment and assessment methodology of the information technology governance (ITG) measurement tools, with the purpose of gaining deeper insight into the ITG initiation process, the nature of tools employed, measurement processes, and the implementation methodology, using case studies. Analysis of the available academic and non-academic literature sources showed measurement issues being the most dominant and ironically the most neglected domain in ITG implementations. We view ITG measurement tools and it subsequent deployment through the two theoretical ITG models namely the Integrated IT Governance model, and the Structures, Processes, and Relational ITG model. To validate these findings and to get a deeper insight into the ITG measurement domain, we conducted four case studies of measurement tools usage and processes in commonly used ITG frameworks in four organisations in New Zealand and United Arab Emirates. The results indicate that the IT governance initiatives differ in the manner of positioning in the integrated ITG framework, and objectivity of measurement is more evident and emphasized in UAE than in New Zealand. The result of these findings provides practitioners with guidance on the contextual usage of ITG measurement practices KEYWORDS: IT Governance measurement, IT business alignment, metrics INTRODUCTION Assessing the measurement and value of IT is a complex challenge and a future research direction (De Haes, Van Grembergen, & Debreceny, 2013). Thus, there is an ever-increasing demand for accountability and objectivity in the measurement of information technology auditing, and IT processes performance (Maria, Fibriani, & Wijaya, 2012). Supplemented, with an ever-increasing demand for compliance in the information domain, organizations have witnessed an increase in the adoption of IT governance (ITG) frameworks. In a highly contextually different, but global organizational structure, ITG implementation however, remains an issue where the theory does not or cannot always deliver to the expectations of practitioners. Globally, IT governance is concerned with two things: that IT delivers value to the business and that IT risks are mitigated and both need measurement (Grembergen, Haes, & Guldentops, 2004), but contextually the subsequent practices may differ. This key issue of aligning IT goals with business goals, which overlap two domains namely IT and business is the primary goal of IT governance. However, this continuous alignment of business and IT in a rapidly changing environment has also been the top concern (Kappelman, McLean, Johnson, & Torres, 2016) and a grand challenge for today's enterprises (Hinkelmann et al., 2016). In this respect, the objective of continuous measurement of IT processes/IT controls to ensure alignment, plays a critical role in IT business alignment success through higher-level measurement models (IT maturity model, balance scorecard); and process measurement tools namely heat map, key performance indicators, and key goal indicators. While organizations worldwide embark on adopting ITG frameworks, the subsequent need to select and integrate overlapping ITG frameworks has presented practitioners with challenges in terms of choice and integration of frameworks (Nicho & Muamaar, 2016). While the most prominent IT governance frameworks include ITIL, COBIT, ITCG & COSO (Benaroch & Chernobai, 2012), COBIT and ITIL are commonly used for IT governance implementations (Stevens, 2011). Hence, assessment of the IT processes/IT controls of these frameworks is not only a continuous process for audit and compliance, but also presents challenges in terms of consistency of audit, compliance, and/or measurement. With alignment of IT with the business being the highest management concern for organizations (Kappelman et al., 2016), IT governance become an important issue on the agenda for many enterprises (Simonsson, Johnson, & Wijkstrom, 2007). …

Public sector organisations are faced with the ethical demand to provide value, be transparent and accountable which however is the reverse for most public sector organisations. Over the years there has been attention on corporate governance and the focus of interest has been IT governance, with the crafting of IT governance frameworks such as the COSO, COBIT and ITIL etc. to help organisations to implement effective IT governance framework. This research focuses on how IT governance is adopted in the public sector, what factors affect the implementation of IT governance in the public sector and the implementation tools available. A desk research method was used for the vast amount of data to review how organisations are faring in the implementation of IT governance frameworks. The research was a qualitative research. The research findings reflect that there are challenges in implementing IT governance in most public sector organisations because of factors ranging from weak corporate governance, financial constraints, lack of interest and innovation, large size of most of the public sector organisations, making the control structure too broad for the Boards, and political reasons. Most public sector organisations are within the ad-hoc and fragmented maturity levels of IT Governance. The researcher recommends further research on the failure to enforce and make compulsory the implementation of IT governance in public sector.

In the rapidly evolving landscape of financial institutions, robust IT governance is essential to ensure that information technology supports business goals, mitigates risks, and complies with regulatory requirements. This comprehensive review examines the effective implementation of two prominent IT governance frameworks, COBIT (Control Objectives for Information and Related Technologies) and ITIL (Information Technology Infrastructure Library), within financial institutions. The review highlights the unique features, advantages, and challenges associated with each framework, and provides insights into their synergistic application for optimizing IT governance. COBIT is a comprehensive framework that focuses on the governance and management of enterprise IT, providing a structured approach to aligning IT with business strategy, managing risk, and ensuring compliance. ITIL, on the other hand, is a set of detailed practices for IT service management (ITSM) that focuses on delivering value to customers and improving service quality. While COBIT offers a high-level governance model, ITIL provides detailed guidance on service management processes. The integration of COBIT and ITIL frameworks offers a holistic approach to IT governance, combining COBIT’s strategic oversight with ITIL’s operational focus. This synergy enhances the ability of financial institutions to achieve operational excellence, regulatory compliance, and strategic alignment. Case studies from leading financial institutions demonstrate how the combined use of COBIT and ITIL frameworks has led to improved IT governance, risk management, and service delivery. The review also addresses the challenges encountered during the implementation of these frameworks, including organizational resistance, the complexity of integration, and the need for continuous improvement. Strategies for overcoming these challenges are discussed, emphasizing the importance of executive sponsorship, stakeholder engagement, and tailored training programs. In conclusion, this comprehensive review underscores the critical role of COBIT and ITIL frameworks in strengthening IT governance within financial institutions. By effectively implementing these frameworks, financial institutions can enhance their IT governance capabilities, drive operational efficiencies, and ensure compliance with regulatory standards. The findings of this review provide valuable insights for IT leaders and practitioners seeking to optimize IT governance and support the strategic objectives of their organizations. In this review paper, I examine the significant impact of integrating COBIT and ITIL frameworks to enhance IT governance, operational efficiency, and compliance within financial institutions. I draw on detailed case studies and practical examples from my extensive experience to illustrate these concepts. Keywords: IT Governance, Financial Institutions, ITIL, COBIT, Effective Implementation.

CIOs' innovation capability is regarded as a precondition of successful HIT adoption in hospitals. Based on the data of 142 CIOs, this study aimed at identifying antecedents of perceived innovation capability. Eight features describing the status quo of the hospital IT management (e.g. use of IT governance frameworks), four features of the hospital structure (e.g. functional diversification) and four CIO characteristics (e.g. duration of employment) were tested as potential antecedents in an exploratory stepwise regression approach. Perceived innovation capability in its entirety and its three sub-dimensions served as criterion. The results show that CIOs' perceived innovation capability could be explained significantly (R2=0.34) and exclusively by facts that described the degree of formalism and structure of IT management in a hospital, e.g. intensive and formalised strategic communication, the existence of an IT strategy and the use of IT governance frameworks. Breaking down innovation capability into its constituents revealed that “innovative organisational culture” contributed to a large extent (R2=0.26) to the overall result sharing several predictors. In contrast, “intrapreneurial personality” (R2=0.11) and “openness towards users” (R2=0.18) could be predicted less well. These results hint at the relationship between working in a well-structured, formalised and strategy oriented environment and the overall feeling of being capable to promote IT innovation.

The lack of effective IT governance is widely recognized as a key inhibitor to successful global IT outsourcing relationships. In this study we present the development and application of a governance framework to improve outsourcing relationships. The approach used to developing an IT governance framework includes a meta model and a customization process to fit the framework to the target organization. The IT governance framework consists of four different elements (1) organisational structures, (2) joint processes between in- and outsourcer, (3) responsibilities that link roles to processes and (4) a diverse set of control indicators to measure the success of the relationship. The IT governance framework is put in practice in Shell GFIT BAM, a part of Shell that concluded to have a lack of management control over at least one of their outsourcing relationships. In a workshop the governance framework was used to perform a gap analysis between the current and desired governance. Several gaps were identified in the way roles and responsibilities are assigned and joint processes are set-up. Moreover, this workshop also showed the usefulness and usability of the IT governance framework in structuring, providing input and managing stakeholders in the discussions around IT governance.KeywordsAccount ManagerPortfolio ManagementMeta ModelJoint ProcessGovernance FrameworkThese keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

IT governance is crucial for information systems, as it defines guidelines and policies to be applied to manage and control IT in business. IT governance promotes, encourages, discourages or bans different management behaviors regarding IT, aiming to achieve business goals and requirements and to manage IT risks. However, IT is more and more a service activity. Users, process owners and the business itself demand efficient and effective IT services. Therefore, it is necessary to design and implement a comprehensive IT governance and service framework, able to link the two aspects: both to define “decision rights and accountabilities to encourage desirable behaviors in the use of IT” (Weill, MIS Q Executive 3:1–17, 2004) and to deliver the required IT services. In this chapter, an IT governance and service comprehensive framework is defined, supported by the empirical implementation of this theoretical model in a large industrial company.KeywordsIT governanceIT serviceFlexibilityService management

The presence of industry 4.0 brings various conveniences in operational and marketing processes for companies, including micro, small and medium enterprises (MSMEs). All companies are required to be able to utilize information technology in order to win the competition. Based on 2019 data, the number of MSMEs in Indonesia is 99.99% of the total number of companies and contributes to a GDP of 61.1%. With many MSMEs in Indonesia, their existence also opens up wider job opportunities with more equitable economic benefits for the community. To win the competition, MSMEs must optimize the use of information technology. To use information technology to align with business goals, MSMEs need IT Governance. Implementation of the IT Governance Framework generally runs in large companies. Constraints for small companies are usually related to the cost and complexity of the existing IT Governance Framework. This paper aims to develop an IT Governance Framework suitable for MSMEs and can be applied easily and efficiently. The initial stage is to develop a framework based on a literature review of the existing frameworks, namely COBIT, ITIL, CMMI, TOGAF, and relevant research. The proposed framework consists of six main components: Architectural Readiness, Technology Adoption, Service Management, Continuous Improvement, Leader Engagement, and Network Capability. Subsequently, improvements were made to the proposed framework by conducting quantitative and qualitative research on MSMEs to produce a better framework. As a validation stage, the enhanced framework will then be discussed with experts and the response from the MSMEs. Thus, it is hoped that the proposed framework can help MSMEs effectively utilize information technology that supports and is in line with MSME's business values.