IT process architectures for enterprises development: A survey from a maturity model perspective

During the last years much has been published about IT governance. Close to the success of many governance efforts are the business frameworks, quality models, and technology standards that help enterprises improve processes, customer service, quality of products, and control. In this paper we i) survey existing frameworks, namely ITIL, ASL and BiSL, ii) find relations with the IT Governance framework CobiT to determine if the maturity model of CobiT can be used by ITIL, ASL and BiSL, and (iii) provide an integrated vista of IT processes viewed from a maturity model perspective. This perspective can help us understand the importance of maturity models for increasing the efficiency of IT processes for enterprises development and business-IT alignment

Definition and Validation of a Business IT Alignment Method for Enterprise Governance Improvement in the Context of Processes Based Organizations

These days, it is remarkable to note the growing of interest in professional responsibility. Specifically, the responsibility a person commits to when he or she performs a task. Based on a review of research currently performed in the field of policy (from corporate to technical ones), we observe that the perception of responsibility has often been limited to a combination of rights and obligations. In addition, we are seeing a re-emergence in business (for example, in the financial sector) of a belief that business ethics foundation can be improved and that a renewed focus in this area would help to prevent future breakdowns in the system. With regard to improving business/IT alignment and corporate ICT governance, it becomes increasingly important to define a commonly accepted personal responsibility model that embodies important and well-known concepts like accountability, capability and commitment. Moreover, because responsibility constitutes a fundamental notion of management theory, it is likewise identified as a meaningful bridge toward organizational artifacts. Exploiting process-based approach to define policy seems to offer new research opportunities since process-based organization becomes a continuous widely spread structure.ICT Governance, Responsibility model, Capability, Accountability, Commitment.

ERP implementation methodologies and frameworks: a literature review

Enterprise Resource Planning (ERP) implementation is a complex and vibrant process, one that involves a combination of technological and organizational interactions. Often an ERP implementation project is the single largest IT project that an organization has ever launched and requires a mutual fit of system and organization. Also the concept of an ERP implementation supporting business processes across many different departments is not a generic, rigid and uniform concept and depends on variety of factors. As a result, the issues addressing the ERP implementation process have been one of the major concerns in industry. Therefore ERP implementation receives attention from practitioners and scholars and both, business as well as academic literature is abundant and not always very conclusive or coherent. However, research on ERP systems so far has been mainly focused on diffusion, use and impact issues. Less attention has been given to the methods used during the configuration and the implementation of ERP systems, even though they are commonly used in practice, they still remain largely unexplored and undocumented in Information Systems research. So, the academic relevance of this research is the contribution to the existing body of scientific knowledge. An annotated brief literature review is done in order to evaluate the current state of the existing academic literature. The purpose is to present a systematic overview of relevant ERP implementation methodologies and frameworks as a desire for achieving a better taxonomy of ERP implementation methodologies. This paper is useful to researchers who are interested in ERP implementation methodologies and frameworks. Results will serve as an input for a classification of the existing ERP implementation methodologies and frameworks. Also, this paper aims also at the professional ERP community involved in the process of ERP implementation by promoting a better understanding of ERP implementation methodologies and frameworks, its variety and history

Managing information security risk using integrated governance risk and compliance.

This paper aims to demonstrate the building blocks of an IT Governance Risk and Compliance (IT GRC) model as well the phased stages of the optimal integration of IT GRC frameworks, standards and model through a longitudinal study. A qualitative longitudinal single case study methodology through multiple open-ended interviews were conducted over a period of four years (July 2012 to November 2015) in a retail financial institution. Our empirical study contributes to both academic research and practice in IT GRC. First, we identified the various building blocks of IT GRC domain from vertical as well as horizontal perspectives. Second, we methodologically demonstrated the gradual metamorphosis of the evolution of an IT GRC from a single ITG framework to multiple IT GRC building blocks. The journey thus throws light on the gradual staged process of attaining maturity in IT GRC by an organization. The resultant IT GRC model thus, guides managerial actions towards a better understanding of the positioning of IT GRC building blocks in an organization through the understanding of the interaction of vertical and horizontal domains. The results of the paper thus enable practitioners and academics to better understand and evaluate IT GRC implementation for effective governance, reduce risk and ensure compliance in organizations

IDENTIFICATION OF THE DOMAIN PROCESS INTERSECTIONS BETWEEN COBIT 4.1 AND COBIT 5 IN THE DETERMINATION OF IT GOVERNANCE ASSESSMENT

The implementation of information technology has an essential role in organizational development to support a business process. Currently, information technology is widely adopted by the organization. It is believed to help improve the efficiency of the ongoing business process so that IT management is needed in a more structured. Thus, need a guideline that can guide IT governance so it can be measured and utilized. COBIT is one of the frameworks that can utilize in providing IT governance guidelines for organizations, and it is the main reference used in implementing IT governance in organizations. Still, the assessment process takes a long time because many processes are assessed. So conducted this research to determine the similar activities between COBIT 4.1 and COBIT 5 as the basis for determining the development of an organizational assessment process that the organization will carry out to see the efficiency of the assessed process domain. This research is focused on several organizations that have carried out IT governance assessments with COBIT 4.1 and will then implement the assessment process using COBIT 5. Still, it will usually take more time and effort if done separately to streamline the assessment process and identify domain intersects. The process from COBIT 4.1 and COBIT 5 so that the effort to carry out the assessment can be more streamlined. Thus, this research will produce a study result related to which activities intersect with each other to determine the IT governance assessment in an organization

Implementation Evaluation of Information Technology in the New Normal Era Using Cobit 2019 Method

This research is a continuation of the previous research on Information Technology Governance Analysis of STMIK Palcomtech in the New Normal Era Using Cobit 2019 where the measurements carried out are the stages of 11 factors design Tool Kit Cobit 2019. The results of the study included 13 important processes in the domain that must be considered in STMIK Palcomtech including EDM03, APO08, DSS05 EDM02, APO04, APO09, APO12, APO13, BAI01, BAI02, BAI03, BAI06, MEA03. This research aims to evaluate the application of information technology used by STMIK Palcomtech focusing on the application of information technology applied based on the needs of the company and the strategy of the impact of COVID 19, which uses the Goal cascade framework Cobit 2019. Use qualitative method by spreading questionnaires in accordance with the domain that has been determined to students then continued with the measurement of maturity level so that current conditions are obtained and then continued gap analysis. The results of this study showed the average maturity level is at level 3 and the result of the gap level then the lowest value is a priority to prioritize new development then to the next domain to achieve the expected value in the domain Level. Keywords: information technology, COBIT, governance analysi

ANALYSIS OF UNIVERSITY HELPDESK INFORMATION TECHNOLOGY GOVERNANCE USING COBIT 2019 AND FUZZY AHP

University Helpdesk as an information system service provider provided by PTIPD University assists students, staff, and lecturers in solving problems using information systems and networks, as well as updating information online and offline. Based on the Regulation Minister of Religion of the Republic of Indonesia Number 17 of 2013 to improve the quality of university delivery and services, and GUG (Good University Governance) implementation, governance framework is needed to align the vision, mission, and objectives. IT governance framework covering management, operational, maintenance, monitoring, and evaluation processes. The analysis of IT governance with COBIT 2019 resulted in the preparation of recommendations based on the mapping of the domain (area) of the 2019 COBIT design factors. These recommendations are needed for an analysis of the maturity level of PTIPD university helpdesk information technology governance. The research data were taken from annual reports and Key Performance Indicators, observations, and interviews. Based on Design Factors 1-11 to determine domain area, the result is needing improved governance perspective APO12-Managed Risk and DSS05-Managed Security Services. The focus area is risk management and service security management in terms of data and information. The expected ability level is at level 4, while the current ability level analysis is at level 2, the gap level analysis is 2 levels different. The result is to get 12 recommendations and 2 main recommendations using the Fuzzy-AHP method based on the weighting of the criteria of Regulation number 12 of 2012 the management of information technology in university

Governing IT in HEIs: Systematic Mapping Review

Background: Higher Education Institutions (HEIs) are aware of the immense importance of achieving their strategic objectives to increase their impact on the society and to be competitive. As a board responsibility, information technology governance (ITG) plays an important role in the overall HEIs performance. Numerous HEIs are making great efforts to properly govern information technology (IT) by using ITG frameworks. Objectives: This study investigates the overall adoption of ITG frameworks in different HEIs through a systematic mapping review. Method: We analyzed forty relevant papers, filtered from 6 selected online libraries, and answered six research questions on ITG implementations at universities worldwide. Results: The results show an increasing number of publications on ITG usage in HEIs in the last decade. The largest number of applications is described in Asian countries, while the most popular used frameworks are COBIT, ISO versions, and in-house developed frameworks. Finally, we describe the top challenges and benefits of ITG implementation mentioned in research papers. Conclusion: This paper provides a deep insight into the level of integration of ITG in universities worldwide. The results will be presented to the involved stakeholders at our university to increase the awareness of ITG in HEIs and help its implementation process