IDENTIFICATION OF THE DOMAIN PROCESS INTERSECTIONS BETWEEN COBIT 4.1 AND COBIT 5 IN THE DETERMINATION OF IT GOVERNANCE ASSESSMENT

The implementation of information technology has an essential role in organizational development to support a business process. Currently, information technology is widely adopted by the organization. It is believed to help improve the efficiency of the ongoing business process so that IT management is needed in a more structured. Thus, need a guideline that can guide IT governance so it can be measured and utilized. COBIT is one of the frameworks that can utilize in providing IT governance guidelines for organizations, and it is the main reference used in implementing IT governance in organizations. Still, the assessment process takes a long time because many processes are assessed. So conducted this research to determine the similar activities between COBIT 4.1 and COBIT 5 as the basis for determining the development of an organizational assessment process that the organization will carry out to see the efficiency of the assessed process domain. This research is focused on several organizations that have carried out IT governance assessments with COBIT 4.1 and will then implement the assessment process using COBIT 5. Still, it will usually take more time and effort if done separately to streamline the assessment process and identify domain intersects. The process from COBIT 4.1 and COBIT 5 so that the effort to carry out the assessment can be more streamlined. Thus, this research will produce a study result related to which activities intersect with each other to determine the IT governance assessment in an organization

Multi-framework implementation of the problem management process

Many different information technology frameworks have been proposed to assist organizations implementing information technology. However, these frameworks are complex, difficult to implement and overlap each other turning their simultaneous implementation even more difficult to accomplish by organizations. This study proposes to develop an overlapless maturity model that not only help organizations dealing with the problems aforementioned. The model was applied and evaluated by experts in five organizations. The artefact was recognized as useful, complete and helpful in a multi-framework implementation by PM experts. This research provides contributions for academics since it distinguishes itself from the existing artefacts in the body of knowledge and is a baseline for further investigation.info:eu-repo/semantics/publishedVersio

How IT Governance can assist IoT project implementation

Internet of things (IoT) is considered a key technology for the Industry 4.0 revolution. Information Technology (IT) governance (ITG) is now an increasingly important tool for organizations to align their IT strategy and infrastructures with the organizations’ business objectives. The most adopted ITG framework is COBIT, which defines seven enabler categories. These enablers aim to facilitate the implementation, identification, and management of IT. This research aims to determine, explore, and define which are the most suitable IT governance enablers to assist managers in IoT implementation. The study adopted the Design Science Research methodology, including two systematic literature reviews and a Delphi method to build the artefact. The artefact was demonstrated and evaluated in a real organization. The results indicate that data privacy, data protection, and data analysis are currently the most relevant enablers to consider in an IoT implementation because they increase the efficiency of the solution and enhance data credibility

Towards a Green Information Technology Framework by Meta-Analysis Approach

The rapid depletion of natural resources and growing awareness of the environmental deterioration have made sustainability one of the key elements enabling contemporary businesses to thrive. Among the most crucial sustainable practices is the application of Green IT due to the wide use of IT in various business sectors to enhance the performance of businesses. Green Information Technology (IT) has emerged as a vital IT governance concern to promote environmentally-friendly IT use and ecologically responsible business processes. according to various researches in green information technology, this research aims to design a green information technology using Meta-synthesis method. In order to design and explain a comprehensive model, all factors of green information technology have been identified through systematic literature review using 189 papers and content analysis. Then the importance and priority of each proposed factor was determined using Shannon quantitative method. The results reveal cost reduction, data center layout, employee stewardship and participation are the major factors in green information technology. At the end the research results demonstrate a comprehensive framework for green information technology factors

IT governance enablers for an efficient IoT implementation

IoT is considered to be one of the focal points for the 4.0 industry revolution because of the way it is changing the business models of each organization. IT governance is now an increasingly important tool for organizations to align their IT infrastructure with the organization's business objectives. IT governance has been used to help implement new technologies using the best practices such as COBIT, which defines a number of enablers that facilitate the implementation, identification and management of IT. This research aims to explore and define the most suitable enablers for an IoT implementation. These objectives will be achieved through the Design Science Research methodology, which incorporates two literature reviews, a Delphi method and, finally, a semi-structured interview. With a first systematic review of the literature, it was possible to identify the main enablers to implement IoT. Next, the list was improved using the Delphi method, gathering expert opinion. In the Delphi method, the level of agreement was verified to create exclusion criteria and a level of efficiency in each recommendation. Finally, a specialist was interviewed to demonstrate the applicability and validation of the proposed artifact in the various IoT projects implemented by his organization. At the end, a final list of enablers for IoT implementation is provided. The results indicate that data privacy, data protection, and data analysis are currently the best recommendations to be considered in an IoT implementation because they increase the efficiency of the solution and increase the credibility of the data obtained. Future work and limitations are detailed in the end.A IoT é considerada como um dos pontos fulcrais para a revolução da indústria 4.0, devido à maneira como está a alterar os modelos de negócio das organizações. A governação das TI é atualmente uma ferramenta cada vez mais importante para as organizações alinharem a sua infraestrutura tecnológica com os objetivos de negócio da organização. A governação de TI tem sido utilizada para ajudar na implementação de novas tecnologias recorrendo à utilização de boas práticas como por exemplo o COBIT, que define vários enablers que facilitam a implementação, identificação e gestão das TI. Esta investigação visa explorar e definir os enablers mais adequados para uma implementação de IoT. Estes objetivos vão ser alcançados através da metodologia Design Science Research, que incorpora duas revisões de literatura, um método Delphi e por fim uma entrevista semiestruturada. Com uma primeira revisão sistemática da literatura, foi possível identificar os principais enablers para implementar IoT. De seguida, a lista foi melhorada utilizando o método Delphi, recolhendo a opinião de especialistas. No método Delphi, verificou-se o nível de concordância para criar critérios de exclusão e um nível de eficiência em cada recomendação. Finalmente, um especialista foi entrevistado para demonstrar a aplicabilidade e validar o artefacto proposto nos diversos projetos de IoT implementados pela sua organização. No final a lista de enablers para implementar IoT é fornecida. Os resultados indicam que atualmente, a privacidade de dados, a proteção de dados e a análise de dados são as melhores recomendações a serem consideradas numa implementação de IoT, porque aumentam a eficiência da solução e aumentam a credibilidade dos dados obtidos. Trabalho futuro e limitações são detalhadas no final

Green IT Governance and Management based on ISO/IEC 15504

Organizations around the world are increasingly concerned about the environment, adopting sustainable practices in their business processes. In the field of Information Technologies (IT) several Green IT practices have been proposed, but in isolation, so a framework is needed if the Green IT is to be implemented and improved in an efficient and integrated way. In this paper, we propose a maturity model (based on ISO/IEC 15504) to help organizations implement the governance and management of Green IT gradually, as well as to improve their maturity level in this area. The validation of this proposal by experts and a case study seems to indicate that the proposal can be useful for implementing and improving the Green IT processes in organizations

Marco de trabajo de Gobierno de Tecnologías de la Información sostenible

Programa Oficial de Doutoramento en Tecnoloxías da Información e as Comunicacións. 5032V01[Resumen] En la actualidad, muchos factores de riesgo afectan la continuidad de un negocio. Sin embargo, esta situación produce una atmósfera propicia para abordar alternativas que alivian esta situación para las organizaciones. Dentro de estas alternativas destacan la Sostenibilidad Ambiental (SMA) y el Gobierno de Tecnologías de la Información (Gobierno de TI o GTI). Ambas alternativas permiten a las organizaciones abordar cuestiones intrínsecamente comunes, como la alineación estratégica, la generación de valor, los mecanismos para mejora del rendimiento, gestión de riesgos y gestión de recursos. Esta Tesis Doctoral se centra en la fusión de ambas alternativas, determinando un Marco de Gobierno de Tecnologías de la Información Sostenible (GTIs) alineado a los marcos/modelos/estándares internacionales y mejores prácticas tanto en SMA como en GTI. Se adopta una perspectiva orientada a procesos definiendo las actividades y sub-actividades que permita evaluar, dirigir y monitorizar las prácticas de TI Sostenible. Con este propósito, la estrategia seguida fue identificar los factores relevantes de SMA presentes en los principales enfoques del dominio (ISO14001, GRI G4, EMAS, SGE21 e ISO26000). Así también, identificar los factores específicos (i.e., no generales) de GTI contenidos en las principales aproximaciones de dicho dominio (COBIT5, ISO38500 y Weill & Ross) y, finalmente, se determinó en qué medida los factores relevantes de SMA están ya presentes en los factores relevantes de GTI. Como resultado, se identificaron las deficiencias en aspectos de SMA detectadas en los factores relevantes de GTI, información que contribuirá para desarrollar el marco propuesto. La última actividad de esta Tesis Doctoral se basa en una validación empírica del marco propuesto a través de su implantación en un caso de estudio. Además, se llevó a cabo el contraste estadístico de las hipótesis del caso de estudio mediante una evaluación antes y después de la implantación aplicando encuestas. La evidencia obtenida de dicha validación indica que el marco de GTIs contribuye, en las organizaciones que lo adopten a: evaluar, dirigir y monitorizar las prácticas de TI Sostenible, que permiten una mejora de sus procesos basada en el cumplimiento de niveles de capacidad. Estos resultados también evidenciaron que las partes interesadas perciben un cambio positivo a la implantación del marco de GTIs propuesto que incluye características de otros estándares relacionados con SMA y GTI y está estructurado en procesos, actividades y sub-actividades.[Abstract] Nowadays, many risk factors affect the continuity of a business. However, this situation produces a favourable atmosphere to approach alternatives that lighten this situation for organizations. Among these alternatives, Environmental Sustainability (ES) and Information Technologies Governance (IT Governance or ITG) stand out. Both alternatives allow organizations to address intrinsically common issues, such as strategic alignment, value generation, mechanisms for performance improvement, risk management and resource management. This Dissertation focuses on the fusion of both alternatives, presenting a Sustainable Information Technologies Governance (sITG) Framework aligned to international frameworks/models/standards and best practices in both ES and ITG. A process-oriented perspective is adopted by defining the activities and sub-activities to assess, manage and monitor Sustainable IT practices. With the above-mentioned purpose in mind, the strategy followed was firstly to identify the ES relevant factors present in the main domain approaches (ISO14001, GRI G4, EMAS, SGE21 and ISO26000). Secondly, the specific (i.e., non-general) ITG factors contained in the main domain approaches (COBIT5, ISO38500 and Weill & Ross) were identified. Finally, it was determined to what extent the relevant ES factors are already present in the relevant ITG factors. As a result, the deficiencies regarding ES in ITG factors were identified, and this information is a key aspect for developing the proposed framework. The last activity of this Dissertation is based on an empirical validation of the proposed framework through its deployment in a case study. In addition, the statistical contrast of the hypotheses of the case study was carried out through an evaluation before and after the deployment by applying surveys. The evidence obtained from this validation indicates that the sITG framework contributes, in organizations that adopt it, to: assess, manage and monitor Sustainable IT practices, which allow an improvement of their processes based on compliance with capacity levels. These results also showed that the stakeholders perceive a positive change to the deployment of the proposed framework, which includes characteristics of other standards related to ES and ITG, and is structured in processes, activities and sub-activities[Resumo] Na actualidade, moitos factores de risco afectan a continuidade dun negocio. Con todo, esta situación produce unha atmosfera propicia para abordar alternativas que alivian esta situación para as organizacións. Dentro destas alternativas destacan a Sustentabilidade Ambiental (SMA) e o Goberno de Tecnoloxías da Información (Goberno de TI ou GTI). Ambas as alternativas permiten ás organizacións abordar cuestións intrinsecamente comúns, como a aliñación estratéxica, a xeración de valor, os mecanismos para mellora do rendemento, xestión de riscos e xestión de recursos. Esta Tese Doutoral céntrase na fusión de ambas as alternativas, determinando un Marco de Goberno de Tecnoloxías da Información Sustentable (GTIs) aliñado aos marcos/modelos/estándares internacionais e mellores prácticas tanto en SMA como en GTI. Adóptase unha perspectiva orientada a procesos definindo as actividades e sub-actividades que permita avaliar, dirixir e monitorar as prácticas de TI Sustentable. Con este propósito, a estratexia seguida foi identificar os factores relevantes de SMA presentes nos principais enfoques do dominio (ISO14001, GRI G4, EMAS, SGE21 e ISO26000). Así tamén, identificar os factores específicos (i.e., non xerais) de GTI contidos nas principais aproximacións do devandito dominio (COBIT5, ISO38500 e Weill & Ross) e, finalmente, determinouse en que medida os factores relevantes de SMA están xa presentes nos factores relevantes de GTI. Como resultado, identificáronse as deficiencias en aspectos de SMA detectadas nos factores relevantes de GTI, información que contribuirá para desenvolver o marco proposto. A última actividade desta Tese Doutoral baséase nunha validación empírica do marco proposto a través da súa implantación nun caso de estudo. Ademais, levouse a cabo o contraste estatístico das hipóteses do caso de estudo mediante unha avaliación antes e despois da implantación aplicando enquisas. A evidencia obtida da devandita validación indica que o marco de GTIs contribúe, nas organizacións que o adopten, a: avaliar, dirixir e monitorar as prácticas de TI Sustentable, que permiten unha mellora dos seus procesos baseada no cumprimento de niveis de capacidade. Estes resultados tamén evidenciaron que as partes interesadas perciben un cambio positivo á implantación do marco de GTIs proposto que inclúe características doutros estándares relacionados con SMA e GTI e está estruturado en procesos, actividades e sub-actividade