Abstract

AbstractIn recent years, IT governance has been a subject of discussion among academics and practitioners. The concern has been on the need to implement governance mechanisms and ensure the right balance of these mechanisms. However, the audit of IT governance mechanisms has received very little attention. This paper aims to analyse the overall impact of IT governance audits on the maturity and coherence of governance mechanisms. Guided by the configurational theory, the researchers argue that when governance mechanisms operate coherently and are regularly audited, there will be improvement in IT governance and the performance of financial institutions. In this study, seven financial services companies in Ghana were reviewed, and their IT governance maturity was assessed after seven months of auditing with a COBIT 5‐driven IT audit framework. Two surveys were conducted, one before and one after the auditing. The findings of the study confirm the claim that regular auditing improves IT governance maturity and coherence. Several governance mechanisms within the case organizations improved to one higher level of maturity on the Capability Maturity Model. This improvement was after seven months of auditing. Regular auditing also improved IT roles and responsibilities, empowered IT personnel and improved the IT budgetary control and architecture of the entities. This study has implications for practice. It emphasizes the importance of independent regular IT auditing and the need to ensure coherence among IT governance mechanisms if effective IT governance is to be achieved in financial institutions.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.