Measuring IT Governance Performance: a Research Study on CobiT-Based Regulation Framework Usage
Title: Measuring IT Governance Performance: a Research Study on CobiT-Based Regulation Framework Usage
Writer: Mario Spremic, Ph.D.
Source: INTERNATIONAL JOURNAL OF MATHEMATICS AND COMPUTERS IN SIMULATION, Issue 1, Volume 6, 2012
To investigate if the prescribed regulatory requirements and regular information system (IS) audits affect the IT Governance initiatives and foster strategic business/IT alignment.
A. Survey Instrument
The research instrument includes series of in-depth interviews with CIOs and CEOs of selected banks and the research model was constructed around following IT Governance elements:
- do the analyzed companies have IS Strategy aligned with business strategy, IT Steering Committee and IT investment policy (Business/IT strategic alignment focus),
- % of the budget invested in IT (Business/IT strategic alignment focus),
- to whom Chief Information Officer (CIO) reports (IT Risk Management focus)
- do the surveyed companies have IT risk management methodology and policy (IT Risk Management focus)
- do the surveyed companies regularly perform IS audits and measure the IS maturity (Performance measurement focus),
- do the selected companies have Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) (IT Risk Management focus)
- do the surveyed companies have defined metrics to control key IT processes (for example, Recovery Point Objective (RPO) and Recovery Time Objective (RTO) as key metrics for BCP initiatives (Performance measurement focus),
- number of key applications outsourced (IT resource management focus),
- % of the IT staff employed (IT resource management focus), etc.
B. Research Sample
Case study analysis and series of in-depth interviews were performed on a sample of 5 small banks in Croatia during the period 2008-2010.
National IT Governance regulatory framework can help in improving IT Governance maturity and strategically align IT and business and confirm the research question. Research results reveal that when IT and Business are strategically aligned, mainly through IT Governance initiatives, IT investments are high, IT Maturity raise and the IT department is seen as a strategic partner to organization. The research might be useful because of fact that similar efforts are very rare (if there are any of them) and there are modest evidences how industry best practices and national regulations are used in the real business environment.