The Electronic Journal of Information Systems Evaluation provides critical perspectives on topics relevant to Information Systems Evaluation, with an emphasis on the organisational and management implications
For general enquiries email administrator@ejise.com
Click here to see other Scholarly Electronic Journals published by API
For a range of research text books on this and complimentary topics visit the Academic Bookshop

Information about the European Conference on Information Management and Evaluation is available here

linkedin-120 

twitter2-125 

fb_logo-125 

 

Journal Article

Towards a Theoretical Foundation of IT Governance … The COBIT 5 case  pp93-95

Jan Devos, Kevin Van de Ginste

© Sep 2015 Volume 18 Issue 2, The special issue from ECIME 2014, Editor: Jan Devos, pp93 - 210

Look inside Download PDF (free)

Abstract

Abstract: COBIT, (Control Objectives for Information and Information related Technologies) as an IT governance framework is well‑known in IS practitioners communities. It would impair the virtues of COBIT to present it only as an IT governance framework . COBIT analyses the complete IS function and offers descriptive and normative support to manage, govern and audit IT in organizations. Although the framework is well accepted in a broad range of IS communities, it is created by practitioners and therefor e it holds only a minor amount of theoretical supported claims. Thus critic rises from the academic community. This work contains research focusing on the theoretical fundamentals of the ISACA framework, COBIT 5 released in 2012. We implemented a reverse engineering work and tried to elucidate as much as possible propositions from COBIT 5 as an empiricism. We followed a qualitative research method to develop inductively derived theoretical statements. However our approach differs from the original work on grounded theory by Glaser and Strauss (1967) since we started from a general idea where to begin and we made conceptual descriptions of the empirical statements. So our data was only restructured to reveal theoretical findings. We looked at three candi date theories: 1) Stakeholder Theory (SHT), 2) Principal Agent Theory (PAT), and 3) Technology Acceptance Model (TAM). These three theories are categorized and from each theory, several testable propositions were deduced. We considered the five COBIT 5 principles, five processes (APO13, BAI06, DSS05, MEA03 and EDM03) mainly situated in the area of IS security and four IT‑related goals (IT01, IT07, IT10 and IT16). The choice of the processes and IT‑related goals are based on an experienced k nowledge of COBIT as well of the theories. We constructed a mapping table to find matching patterns. The mapping was done separately by several individuals to increase the internal validity. Our findings indicate that COBIT 5 holds theoretical supported c laims. The lower theory types such as PAT and SHT contribute

 

Keywords: Keywords: IT governance, COBIT 5, stakeholder theory, principal agent theory, TAM

 

Share |

Journal Article

Towards a Theoretical Foundation of IT Governance … The COBIT 5 case  pp96-104

Jan Devos, Kevin Van de Ginste

© Sep 2015 Volume 18 Issue 2, The special issue from ECIME 2014, Editor: Jan Devos, pp93 - 210

Look inside Download PDF (free)

Abstract

Abstract: COBIT, (Control Objectives for Information and Information related Technologies) as an IT governance framework is well‑known in IS practitioners communities. It would impair the virtues of COBIT to present it only as an IT governance framework . COBIT analyses the complete IS function and offers descriptive and normative support to manage, govern and audit IT in organizations. Although the framework is well accepted in a broad range of IS communities, it is created by practitioners and therefor e it holds only a minor amount of theoretical supported claims. Thus critic rises from the academic community. This work contains research focusing on the theoretical fundamentals of the ISACA framework, COBIT 5 released in 2012. We implemented a reverse engineering work and tried to elucidate as much as possible propositions from COBIT 5 as an empiricism. We followed a qualitative research method to develop inductively derived theoretical statements. However our approach differs from the original work on grounded theory by Glaser and Strauss (1967) since we started from a general idea where to begin and we made conceptual descriptions of the empirical statements. So our data was only restructured to reveal theoretical findings. We looked at three candi date theories: 1) Stakeholder Theory (SHT), 2) Principal Agent Theory (PAT), and 3) Technology Acceptance Model (TAM). These three theories are categorized and from each theory, several testable propositions were deduced. We considered the five COBIT 5 principles, five processes (APO13, BAI06, DSS05, MEA03 and EDM03) mainly situated in the area of IS security and four IT‑related goals (IT01, IT07, IT10 and IT16). The choice of the processes and IT‑related goals are based on an experienced k nowledge of COBIT as well of the theories. We constructed a mapping table to find matching patterns. The mapping was done separately by several individuals to increase the internal validity. Our findings indicate that COBIT 5 holds theoretical supported c laims. The lower theory types such as PAT and SHT contribute the most. The presence and contribution of a theory is significantly constituted by IT‑related goals as compared to the processes. We also make some suggestions for further research. First of al l, the work has to be extended to all COBIT 5 processes and IT‑related goals. This effort is currently going on. Next we ponder the question what other theories could be considered as candidates for this theoretical reverse engineering labour? During our work we listed already some theories with good potential. Our used pattern matching process can also be refined by bringing in other assessment models. Finally an alternative and more theoretic framework could be designed by using design science research methods and starting with the most relevant IS theories. That could lead to a new IT artefact that eventually could be reconciled with COBIT 5.

 

Keywords: Keywords: IT governance, COBIT 5, stakeholder theory, principal agent theory, TAM

 

Share |