Ako-Nai, A., & Singh, A.
(2019). Information technology governance framework for improving
organisational performance. South African Journal of Information
Management, 21(1), e1–e11.
ABSTRACT
Background: Following the corporate failures of the 1990s, factors identified as evidence for these
failures extended beyond just weak or ineffective corporate governance models, codes and
legislation. Poor management and oversight of information technology (IT) systems were also
identified as sources of failure as a result of organisations’ significant utilisation and reliance on IT.
For more control and regulations, existing corporate governance codes of practice and the
development thereof were reviewed and reformed. Information technology governance reforms
were then incorporated into corporate governance codes, and IT governance established as a
board-level responsibility. Over the years, studies into board-level IT governance have been limited,
and thus the nature of board-level IT governance and its constitutional aspects are not fully known.
Objectives: The aim of this study was to identify and assess aspects of IT governance implemented
by the boards of companies listed on the Johannesburg Stock Exchange in South Africa.
Method: In-depth, semi-structured interviews were conducted. Interview data was
thematically analysed and key themes identified.
Results: Boards have been effective in terms of IT investments and budgeting, which were
identified as key factors in effecting IT oversight. Boards have delegated most aspects of their
IT governance oversight to board-level risk and audit committees, thus limiting the level and
depth of interrogation of IT oversight by the board. The oversight of board IT governance is
weak in outsourced IT arrangements.
Conclusion: The implementation of board-level IT governance goes beyond prescribed IT
governance principles within corporate governance codes. In effecting their IT governance,
boards consider IT projects that contribute to organisational sustainability and those that
positively add value to stakeholders, such as employees and consumers.
REFERENCES
Aguilera, R.V. & Cuervo-Cazurra, A., 2004, ‘Codes of good governance worldwide:
What is the trigger?’, Organization Studies 25(3), 415–443. https://doi.org/
10.1177/0170840604040669
Aguilera, R.V. & Jackson, G., 2010, ‘Comparative and international corporate
governance’, The Academy of Management Annals 4(1), 485–556. https://doi.org
/10.5465/19416520.2010.495525
Akingunola, R.O., Adekunle, O.A. & Adedipe, O.A., 2013, ‘Corporate governance and
bank’s performance in Nigeria (Post–bank’s consolidation)’, European Journal of
Business and Social Sciences 2(8), 89–111.
Ali, S. & Green, P., 2012, ‘Effective information technology (IT) governance
mechanisms: An IT outsourcing perspective’, Information Systems Frontiers 14(2),
179–193. https://doi.org/10.1007/s10796-009-9183-y
Aoki, M., 2010, Corporations in evolving diversity: Cognition, governance, and
institutions, Oxford University Press, New York.
Ayuso, S., Rodríguez, M.A., García-Castro, R. & Ariño, M.A., 2014, ‘Maximizing
stakeholders’ interests: An empirical analysis of the stakeholder approach to
corporate governance’, Business & Society 53(3), 414–439. https://doi.org/
10.1177/0007650311433122
Balsmeier, B., Buchwald, A. & Zimmermann, S., 2013, ‘The influence of top
management corporate networks on CEO succession’, Review of Managerial
Science 7(3), 191–221. https://doi.org/10.1007/s11846-011-0073-6
Bart, C. & Turel, O., 2010, ‘IT and the board of directors: An empirical investigation into
the “governance questions” Canadian board members ask about IT’, Journal of
Information 24(2), 147–172.
Benkhayat, A., El Manouar, A. & Sadok, H., 2015, ‘Firm business strategy and IT
strategy alignment: A proposal of a new model’, in 2015 Xth International Scientific
and Technical Conference “Computer Sciences and Information Technologies”
(CSIT), Lviv, Ukraine, September 14–17, 2015, pp. 172–178, IEEE Computer Society
Washington, DC.
Calder, A., 2008, ISO/IEC 38500: The IT governance standard, IT Governance Ltd.,
Cambridgeshire.
Coertze, J. & Von Solms, R., 2013, ‘The board and IT governance: A replicative study’,
African Journal of Business Management 7(35), 3358–3373. https://doi.org/
10.5897/AJBM2013.7172
Cretu, A.E. & Brodie, R.J., 2007, ‘The influence of brand image and company reputation
where manufacturers market to small firms: A customer value perspective’,
Industrial Marketing Management 36(2), 230–240. https://doi.org/10.1016/j.
indmarman.2005.08.013
Dahlberg, T. & Kivijarvi, H., 2006, ‘An integrated framework for IT governance and the
development and validation of an assessment instrument’, The 39th Hawaii
International Conference on System Sciences, January 8–11, 2019, pp. 1–10, IEEE,
Kauai, HI.
Damianides, M., 2005, ‘SOX and IT governance: New guidance on IT control and
compliance’, Information Systems Management 22(1), 77–85. https://doi.org/
10.1201/
1078/44912.22.1.20051201/85741.9
De Andres, P. & Vallelado, E., 2008, ‘Corporate governance in banking: The role of the
board of directors’, Journal of Banking & Finance 32(12), 2570–2580. https://doi.
org/10.1016/j.jbankfin.2008.05.008
De Haes, S. & Van Grembergen, W., 2009, ‘An exploratory study into IT governance
implementations and its impact on business/IT alignment’, Information Systems
Management 26(2), 123–137. https://doi.org/10.1080/10580530902794786
Ferguson, C., Green, P., Vaswani, R. & Wu, G.H., 2013, ‘Determinants of effective
technology governance’, International Journal of Auditing, 17(1), 75–99.
Ghauri, P.N. & Grønhaug, K., 2005, Research methods in business studies: A practical
guide, Pearson Education, London.
Hendry, K. & Kiel, G.C., 2004, ‘The role of the board in firm strategy: Integrating agency
and organisational control perspectives’, Corporate Governance: An International
Review 12(4), 500–520. https://doi.org/10.1111/j.1467-8683.2004.00390.x
Ho, J.L.Y., Wu, A. & Xu, S.X., 2011, ‘Corporate governance and returns on information
technology investment: Evidence from an emerging market’, Strategic
Management Journal 32(6), 595–623. https://doi.org/10.1002/smj.886
Huff, S., Schroeder, A. & Pauleen, D., 2012, ‘KM governance: The mechanism for
guiding and controlling KM programs’, Journal of Knowledge Management 16(1),
3–21. https://doi.org/10.1108/13673271211198918
IT Governance Institute, 2006, Enterprise value: Governance of IT investments, the Val
IT framework, Rolling Meadows, IL.
IT Governance Institute, 2008, Unlocking value: An executive primer on the critical role
of IT governance, Rolling Meadows, IL.
Iturralde, T., Maseda, A., Arosa, B. & Garcia-Ramos, R., 2016, ‘Boards of directors in
SMEs: An empirical evidence of board task performance’, South African Journal of
Business Management 47(4), 47–58. https://doi.org/10.4102/sajbm.v47i4.74
Jacobson, D.D., 2009, ‘Revisiting IT governance in the light of institutional theory’,
in HICSS’09. 42nd Hawaii International Conference on System Sciences, January
05–08, 2009, pp. 1–9, IEEE Computer Society, Washington, DC.
Jewer, J. & McKay, K.N., 2012, ‘Antecedents and consequences of board IT governance’,
Institutional and Strategic Choice Perspectives 13(7), 581–617.
Jordan, E. & Musson, D., 2004, Corporate governance and IT governance: Exploring
the board’s perspective, viewed 01 June 2016, from https://www.researchgate.
net/profile/Ernest_Jordan/publication/228296166_Corporate_Governance_
and_IT_Governance_Exploring_the_Board%27s_Perspective/links/00b49532f
8aff 10534000000.pdf?origin=publication_list
Kohli, R. & Grover, V., 2008, ‘Business value of it: An essay on expanding research
directions to keep up with the times’, Journal of the Association for Information
Systems 9(1), 23–39. https://doi.org/10.17705/1jais.00147
Krause, R., Semadeni, M. & Cannella, A.A., 2013, ‘External COO/presidents as expert
directors: A new look at the service role of boards’, Strategic Management Journal
34(13), 1628–1641. https://doi.org/10.1002/smj.2081
Kumar Vinod & Associates, 2014, Geographic Information Systems for Smart City,
Copal Publishing, New Delhi.
Li, C., Peters, G.F., Richardson, V.J. & Watson, M.W., 2012, ‘The consequences of
information technology control weaknesses on management information
systems: The case of Sarbanes-Oxley internal control reports’, MIS Quarterly
179–203. https://doi.org/10.2307/41410413
Loane, S., 2005, ‘The role of the Internet in the internationalisation of small
and medium sized companies’, Journal of International Entrepreneurship 3(4),
263–277. https://doi.org/10.1007/s10843-006-7855-y
Marks, N., 2010, ‘The pulse of IT governance: Gauging the effectiveness of technology
strategy and usage can be critical to maintaining organizational health’, Internal
Auditor 67(4), 32–37.
Mohamed, N., Kaur, J. & Singh, G., 2012, ‘A conceptual framework for information
technology governance effectiveness in private organizations’, Information
Management & Computer Security 20(2), 88–106. https://doi.org/10.1108/
09685221211235616
Ogbechie, C.I., 2012, ‘Key determinants of effective board of directors: Evidence from
Nigeria’, Doctoral dissertation, Brunel University, London.
Parent, M. & Reich, B.H., 2009, ‘Governing information technology risk’, California
Management Review 59(3), 134–152. https://doi.org/10.2307/41166497
Parfitt, M. & Tryfonas, T., 2009, ‘Painless: A model for IT governance assessment in the
UK public sector’, The EDP Audit Control & Security Newsletter 39(2–3), 1–25.
https://doi.org/10.1080/07366980902907779
Pearlson, K.E., Saunders, S.C. & Galleta, D.F., 2009, Managing & using information
systems: A strategic approach, John Wiley & Sons, Hoboken, NJ.
Peterson, R.R., 2001, ‘Configurations and coordination for global information
technology governance: Complex designs in a transnational European context’, in
Proceedings of the 34th Annual Hawaii International Conference on System
Sciences, January 03–06, 2001, p. 10, Washington, DC.
Peterson, R.R., 2004, ‘Crafting IT governance’, Information Systems Management
21(4), 7–22. https://doi.org/10.1201/1078/44705.21.4.20040901/84183.2
Raghupathi, W., 2007, ‘Corporate governance of IT: A framework for development’,
Communication of the ACM 50(8), 94–99. https://doi.org/10.1145/1278201.1278212
Republic of South Africa (RSA), 2008, Companies Act 71 of South Africa, Government
Printer, Pretoria.
Sambamurthy, V. & Zmud, R.W., 1999, ‘Arrangements for information technology
governance: A theory of multiple contingencies’, MIS Quarterly 23(2), 261–290.
https://doi.org/10.2307/249754
Schwertsik, A.R., Wolf, P. & Krcmar, H., 2010, ‘Understanding IT governance: Towards
dimensions for specifying decision rights’, in M. Schumann, L.M. Kolbe, M.H.
Breitner & A. Frerichs (eds.), Multikonferenz Wirtschaftsinformatik, pp. 207–218,
Universitätsverlag Göttingen, Göttingen.
Short, J. & Gerrard, M., 2009, IT governance must be driven by corporate governance,
Gartner, Stamford, CT.
Simonsson, M. & Johnson, P., 2006, Defining IT governance: A consolidation of
literature, Royal Institute of Technology, Stockholm.
Sarbanes-Oxley Act Public Law No. 107–204, 2002, Government Printing Office,
Washington DC.
Soltani, B., 2014, ‘The anatomy of corporate fraud: A comparative analysis of high
profile American and European corporate scandals’, Journal of Business Ethics
120(2), 251–274. https://doi.org/10.1007/s10551-013-1660-z
Spremic, M. & Popovic, M., 2008, ‘Emerging issues in information technology
governance: Implementing the corporate IT risks management model’, WSEAS
Transactions & Systems 7(3), 219–228.
Stevenson, W.B. & Radin, R.F., 2015, ‘The minds of the board of directors: The effects
of formal position and informal networks among board members on influence
and decision making’, Journal of Management & Governance 19(2), 421–460.
https://doi.org/10.1007/s10997-014-9286-9
The King Committee, 2009, King Report on Governance for South Africa, Institute of
Directors, Johannesburg.
UK Code 2012 [Council, F.R., 2012], The UK corporate governance code, September,
London.
Veasey, N.E., 2004, ‘The judiciary’s contribution to the reform of corporate
governance’, Journal of Corporate Law Studies 4, 225–241. https://doi.org/10.108
0/14735970.2004.11419920
Webb, P., Pollard, C. & Ridley, G., 2006, ‘Attempting to define IT governance:
Wisdom or folly?’, in Proceedings of the 39th Annual Hawaii International
Conference on System Sciences, Kauai, HI, United States, January 04–07, 2006,
pp. 1–10.
Weill, P. & Ross, J.W., 2004, IT governance. How top performers manage IT decision
rights for superior results, Harvard Business School Press, Boston, MA.
Yaghoubi, R., Yaghoubi, M., Locke, S. & Gibb, J., 2016, ‘Mergers and acquisitions: A
review (part 2)’, Studies in Economics and Finance 33(3), 437–464. https://doi.
org/10.1108/SEF-07-2015-0165
Yin, R.K., 2013, ‘Validity and generalization in future case study evaluations’, Evaluation
19(3), pp.321–332.
No comments:
Post a Comment