Information technology governance: an evaluation of the theory‐practice gap

Abstract

PurposeThe aim of this paper is to provide an understanding of information technology (IT) governance, from both a theory and practice perspective, and to identify current theory‐practice gaps within the organisations studied.Design/methodology/approachThis study developed a complementary and collaborative model of IT governance and used a multiple case approach in which IT governance is examined against the model in four major universities. Case study research is qualitative in nature enabling insights into the “how” and “why” of IT governance to be gained.FindingsBased on underlying theory, the study was able to develop propositions regarding IT governance practices, observe current practices within the participating universities and establish gaps between theory and practice. The study identified theory‐practice gaps in each of three IT governance dimensions: structure, process and people. Gaps ranged in significance from small to large. Two large gaps existed which require attention: they are in respect of integrating IT governance mechanisms and raising the awareness and understanding of the concept among senior management.Research limitations/implicationsThe model of IT governance developed for the research can be further developed and refined. In addition, the university context may have imposed limitations as different findings could arise in different contexts. Furthermore, the participating CIOs and IT directors could have brought their own values and beliefs to the research when interpreting the IT governance objectives of their university.Practical implicationsThe model of IT governance developed for the research enables organisations to assess and map their IT governance against theoretical dimensions. By mapping observed practice against theory, the study was able to provide a mechanism of identifying theory‐practice gaps, where they existed.Originality/valueIT is ubiquitous in nature because modern IT crosses organisational activities and has become strongly aligned with business activities. Thus IT governance can be viewed as an integral part of corporate governance and requires senior management's attention. However, because of the specialised nature of IT, governance in this domain has unique characteristics. Yet, current literature reflects a lack of maturity and points to diverse and inconsistent concepts of IT governance as well as variations in how IT governance is implemented. The paper reduces uncertainty for corporate executives by systematically synthesising current literature, developing a theoretical model and testing it against current practice.