Risk Management in IT Governance Framework

The concept of governance has an already old contour: the system by which business corporations are directed and controlled. The most praised principles regarding shareholder rights, transparency and board accountability now constitute the foundation for new tendencies evolved from such ground. Executive compensation, transparency and shareholder reporting are new issues attached to board responsibilities. Besides such almost negative approaches the board faces a more and more prominent role from risk management and IT governance perspective. Nowadays is generally acknowledged that the board is in charge for managing and controlling the risks to assets of the enterprises and business future. IT Governance has emerged as a support for corporate governance, as an important part of board’s striving efforts to perform better in a competition environment. These responsibilities, risk management and IT Governance, remain within the framework of old concept of corporate governance and are fed from its substance. The interaction between these concepts is the core interest of this research.IT Governance is defined as procedures and policies established in order to assure that the IT system of an organization sustains its goals and strategies. The management of the organisations face a new challenge: structural redefinition of the IT component in order to create plus value and to minimize IT risks through an efficient management of all IT resources of the organisation. The evolution of the present IT environment is a natural process according to which business environment should adapt.Corporate Governance, IT Governance, IT risk, Risk Management.

The influence of IT leaders' leadership behaviour on IT governance performance in higher education: a literature review

IT has become one of the most invested areas of organisations, especially in higher education institutions. To safeguard these IT investments and make the most out them, a good IT governance structure is required. It enables the higher education institutions to strive in the competition and to achieve strategic objectives. To have optimum governance in the institutions, IT leaders play the vital role of carrying the task of IT role models to implement the best approaches in the institutions. The purpose of this study is to explore the existing literature to find out the influence of IT leaders' leadership behaviour on IT governance performance in higher education context. It is aimed to find the linkage between IT leaders' leadership behaviour and IT governance performance in higher education to promote this area for future research. The literature review was done systematically to identify the articles relevant to the three variables, 'IT governance', 'IT leadership' and "higher education'. The results indicated that there is an influence of IT leadership behaviour on IT governance in higher education. Literature showed that improper IT leadership was perceived as a barrier to ITG, IT leadership plays a vital role in effective ITG implementation and specific leadership capacities and skills are shown to promote ITG. However, there are few studies in this area and there is a lack of knowledge on how IT leadership can influence IT governance

IMPLÉMENTATION DE LA GOUVERNANCE DES TI DANS UNE ORGANISATION PUBLIQUE RÉGIONALE

International audiencePrivate sector companies are mobilizing to adopt IT governance frameworks to control their information systems and increase the profitability of their IT investments. Today, public organizations have come to adopt the same approach. The study of IT governance in the public sector has interested several researchers in recent years. However, there is still a lack of literature concerning its implementation in developing countries and especially in a context of regionalization. The case study in this article shows how a "regional public organization" has implemented its IT governance framework in a regionalization context. The results of this study show that the intentional implementation of the mechanisms, with reference to the governance guidelines of the central top management, was done without major complications. However, the organization should make a lot of efforts to "decentralize" processes at the regional level to better support IT projects with regional specificities, and to improve its structures.Les entreprises du secteur privé se sont mobilisées pour adopter des cadres de gouvernance des TI afin de contrôler leurs systèmes d’information et augmenter la rentabilité de leurs investissements en technologies de l’information. Aujourd’hui, les organisations publiques ont fini par adopter la même approche. L’étude de la gouvernance des TI dans le secteur public a intéressé plusieurs chercheurs ces dernières années. Cependant, il existe encore un manque en littérature concernant son implémentation dans les pays en voie de développement et surtout dans un contexte de régionalisation. L’étude de cas menée dans cet article, montre comment « une organisation publique régionale » a implémenté son cadre de gouvernance des TI dans un contexte de régionalisation. Les résultats de cette étude montrent que l’implémentation intentionnelle des mécanismes, en se référant aux orientations de gouvernance de la direction centrale, s’est faite sans grandes complications. Or, l’organisation devrait déployer beaucoup d’efforts pour « décentraliser » des processus au niveau régional pour mieux supporter les projets TI aux spécificités régionales, et d’améliorer ses structures.Mots-clés : Gouvernance des TI, organisation publique, régionalisation, décentralisation, implémentation

Audit Methodology for IT Governance

The continuous development of the new IT technologies was followed up by a rapid integration of them at the organization level. The management of the organizations face a new challenge: structural redefinition of the IT component in order to create plus value and to minimize IT risks through an efficient management of all IT resources of the organization. These changes have had a great impact on the governance of the IT component. The paper proposes an audit methodology of the IT Governance at the organization level. From this point of view the developed audit strategy is a strategy based on risks to enable IT auditor to study from the best angle efficiency and effectiveness of the IT Governance structure. The evaluation of the risks associated with IT Governance is a key process in planning the audit mission which will allow the identification of the segments with increased risks. With now ambition for completeness, the proposed methodology provides the auditor a useful tool in the accomplishment of his mission.IT Governance, Corporate Governance, IT Audit Process, IT Risk

IT Governance: Status and Level of Implementation in Zimbabwean Urban Local Authorities

Information Technology has become an indispensable tool in enabling business processes. The study sought to assess the status and level of implementation of IT governance in Local authorities in Zimbabwe. Three local authorities were used as  case studies and respondents were purposively selected from Councillors of the three local authorities . Interviews were then conducted with senior personnel; Chamber Secretary, Town Clerk and the  Treasurer. In order to assess the status and level of implementation, reference was made to the Institute of Information technology (ITGI) governance framework. It was discovered that, the Local authorities in Zimbabwe’s IT functions are not aligned to business strategies. Urban Local authorities in Zimbabwe need to properly take on board IT in order to improve service delivery. Keywords: Local authorities, IT governance, Service delivery, business strategy, ITG

The impact of IT governance institutionalization on individuals’ behavior in Portugal

Information technology (IT) is increasingly important in organizations' life and has, therefore, become essential to the development of sustainable business growth. Thus, it is necessary to adopt IT governance (ITG) mechanisms to better control solutions, sustainable growth, and better decision making. Since an advantageous competitive differential lies in the behavior of its employees, this work focuses on the behavioral expression of ITG, aiming to analyze the effect of the impact of ITG institutionalization on the main dimensions of Organizational Citizenship Behavior (OCB). OCB describes the voluntary commitment of the individuals to an organization, with attitudes that are not part of their contractual functions. A descriptive-confirmative ex post facto research was conducted through survey research to 112 employees of IT-related departments and divisions from companies in Portugal. The Partial least square - structural equation modeling (PLS-SEM) method was used to test the overall model. The general hypothesis of this study was confirmed, showing that the ITG institutionalization has a positive effect on the individuals’ OCBs. Moreover, this study was subjected to a comparative analysis with one made in Brazil, which confirmed that the ITG institutionalization Model has different effects on individuals' OCBs in cultural terms. Finally, two main contributions emerge. On the one hand, in theory, it confirmed the relationship between OCB and ITG constructs. On the other hand, in practice, it shows the organizations that by implementing their ITG Mechanisms, they are increasing employees' OCBs and, consequently, organizational effectiveness.As tecnologias de informação (TI) são cada vez mais importantes nas organizações, sendo essenciais para o desenvolvimento sustentável dos negócios. Assim, torna-se necessário a adoção de mecanismos de Governação de TI (GTI) para uma melhor decisão, controlo das soluções, e crescimento sustentável. Estando o diferencial competitivo no comportamento dos seus colaboradores, este trabalho foca-se na expressão comportamental da GTI, analisando o impacto da institucionalização da GTI nas dimensões do Comportamento de Cidadania Organizacional (CCO). O CCO é descrito como o compromisso voluntário dos indivíduos para com a organização, com atitudes que não fazem parte de suas funções contratuais. Foi realizada uma pesquisa ex post facto com desenho descritivo e natureza confirmatória a partir de um questionário a 112 funcionários de departamentos e divisões de TI de empresas em Portugal. Foi utilizada a Modelação de Equações Estruturais com Mínimos Quadrados Parciais (PLS-SEM) para testar o modelo. A hipótese geral deste estudo foi confirmada, mostrando que a institucionalização do GTI tem um efeito positivo na CCO dos indivíduos. Além disso, foi realizada uma análise comparativa entre este estudo e outro realizado no Brasil, confirmando que o efeito da institucionalização do GTI sobre os CCO dos indivíduos altera de acordo com o contexto cultural. Finalmente, podemos afirmar, na teoria, que se confirma a relação entre os construtores da CCO e do GTI, e de forma pratica, para as organizações Portuguesas que implementam os seus mecanismos de GTI, estes aumentam as CCO dos funcionários e, consequentemente, a eficácia organizacional