Abstract
The previous chapter provided a high-level description of the “Enterprise Governance of IT (EGIT)” concept. This second chapter starts with discussing the genesis and evolution of EGIT, both in academic research and practice. Then, this chapter introduces mechanisms that can be used to implement EGIT in practice. Indeed, developing a high-level model for EGIT is the first step, deploying it throughout all levels of the organization is the next challenging step. To effectuate this, EGIT can be deployed using a mixture of various structures, processes, and relational mechanisms. These EGIT mechanisms will be discussed in this chapter, including a demonstration of how such mechanisms were leveraged in the context of KLM, a large international airline company. Finally, specific EGIT-related topics will be discussed such as the role of the board in EGIT, IT governance transparency, the inter-organizational governance of IT, ambidextrous EGIT, and a more theoretical view on EGIT by drawing on the lens of the Viable System Model (VSM).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Each archetype identifies the decision-makers involved in an IT decision. The following archetypes are proposed: (1) business monarchy (i.e., top managers), (2) IT monarchy (i.e., IT specialists), (3) feudal (i.e., each business unit making independent decisions), (4) federal (i.e., combination of the corporate center and the business units, with or without IT people involved), (5) IT duopoly (i.e., IT group and one other group, e.g., top management or business unit leaders), and (6) anarchy (i.e., isolated individual or small group decision-making) (Weill & Ross, 2004).
- 2.
The following types of IT decisions are proposed: (1) IT principles (i.e., clarifying the business role of IT), (2) IT architecture (i.e., defining integration and standardization requirements), (3) IT infrastructure (i.e., determining shared and enabling services), (4) business application needs (i.e., specifying the business need for purchased or internally developed IT applications), and (5) IT investment and prioritization (i.e., choosing which initiatives to fund and how much to spend) (Weill & Ross, 2004).
- 3.
The slight upward curve for the next 3 years is due to a temporary decrease of production in response to the global economic crisis.
- 4.
Acknowledgment: This section is based on the doctoral research of Laura Caluwe, and more specifically on an article that was developed in the context of this doctoral research, i.e., Caluwe and De Haes (2019).
- 5.
The notion of ambidexterity is based on the generic recognition that a focus on both exploitation and exploration is required (Duncan, 1976; Markides & Chu, 2008; O’Reilly & Tushman, 2013; Tushman & O’Reilly, 2007). Specifically, O’Reilly and Tushman (2013) refer to “organizational ambidexterity” as the ability of an organization to both compete in mature technologies and markets where efficiency, control, and incremental improvement are prized (i.e., exploit) and to also compete in new technologies and markets where flexibility, autonomy, and experimentation are needed (i.e., explore).
- 6.
It is holistic in the sense that it is aimed at avoiding the “trap of reductionism,” i.e., missing the interconnectedness between parts (Reynolds & Holwell, 2010).
- 7.
Organizing logic can be defined as “the managerial rationale for designing and evolving specific organizational arrangements” (Sambamurthy & Zmud, 2000, p. 107).
- 8.
Stafford Beer developed and described the VSM in his seminal trilogy, under the general heading of “The managerial cybernetics of organization” (Beer, 1972, 1979, 1981, 1985). The VSM is theoretically grounded in “management cybernetics,” which is about applying cybernetic principles to the management of organizations (Beer, 1959). Beer (1985, p. ix) states that: “cybernetics is the science of effective organization.” As a result, the VSM can be referred to as “a theory of organization” (Anderton, 1989, p. 40).
- 9.
References
Ailon, G. (2011). Mapping the cultural grammar of reflexivity: The case of the Enron scandal. Economy and Society, 40(1), 141–166.
Ali, S., & Green, P. (2012). Effective information technology (IT) governance mechanisms: An IT outsourcing perspective. Information Systems Frontiers, 14(2), 179–193.
Anderton, R. (1989). The need for formal development of the VSM. In R. Espejo & R. Harnden (Eds.), The viable system model: Interpretations and applications of Stafford Beer’s VSM (pp. 39–50). New York: Wiley.
Andriole, S. (2009). Boards of directors and technology governance: The surprising state of the practice. Communications of the Association for Information Systems, 24(1), 373–394.
Bart, C., & Turel, O. (2010). IT and the board of directors: An empirical investigation into the “governance questions” Canadian board members ask about IT. Journal of Information Systems, 24(2), 147–172.
Beer, S. (1959). Cybernetics and management. London: The English Universities Press.
Beer, S. (1972). Brain of the firm. London: Allen Lane.
Beer, S. (1979). The heart of enterprise. New York: Wiley.
Beer, S. (1981). Brain of the firm (2nd ed.). Chichester: Wiley.
Beer, S. (1985). Diagnosing the system for organizations. West Sussex: Wiley.
Benaroch, M., & Chernobai, A. (2017). Operational IT failures, IT value destruction, and board-level IT governance changes. MIS Quarterly, 41(3), 729–762.
Brown, A. E., & Grant, G. G. (2005). Framing the frameworks: A review of IT governance research. Communications of the Association for Information Systems, 15(1), 696–712.
Brown, C. (1999). Horizontal mechanisms under differing is organization contexts. MIS Quarterly, 23(3), 421–454.
Brown, C. V. (1997). Examining the emergence of hybrid IS governance solutions: Evidence from a single case site. Information Systems Research, 8(1), 69–94.
Brown, C. V., & Magill, S. L. (1998). Reconceptualizing the context-design issue for the information systems function. Organization Science, 9(2), 176–194.
Buchwald, A., Urbach, N., & Ahlemann, F. (2014). Business value through controlled IT: Toward an integrated model of IT governance success and its impact. Journal of Information Technology, 29(2), 128–147.
Buckby, S., & Best, P. J. (2007, July 1). Development of a board IT governance (ITG) review model. In Proceedings of the 2007 AFAANZ Conference. Accounting & Finance Association of Australia and New Zealand.
Butler, R., & Butler, M. J. (2010). Beyond King III: Assigning accountability for IT governance in South African enterprises. South African Journal of Business Management, 41(3), 33–45.
Caluwe, L., & De Haes, S. (2019). Board Level IT Governance: A Scoping Review to Set the Research Agenda. Information Systems Management, 36(3), 262–283.
Chatterjee, D., Richardson, V. J., & Zmud, R. W. (2001). Examining the shareholder wealth effects of announcements of newly created CIO positions. MIS Quarterly, 25(1), 43–70.
Choudhary, V., & Vithayathil, J. (2013). The impact of cloud computing: should the IT department be organized as a cost center or a profit center? Journal of Management Information Systems, 30(2), 67–100.
Coertze, J., & von Solms, R. (2013). The board and IT governance: A replicative study. African Journal of Business Management, 7(35), 3358–3373.
Coertze, J., & von Solms, R. (2014). The board and CIO: The IT alignment challenge. In HICSS 2014 Proceedings.
Croteau, A.-M., & Bergeron, F. (2009). Interorganizational governance of information technology. In Proceedings of the 42nd Hawaii International Conference on System Sciences.
De Haes, S., Gemke, D., Thorp, J., & Van Grembergen, W. (2011). KLM’s enterprise governance of IT journey: From managing costs to managing business value. MIS Quarterly Executive, 10(3), 109–120.
De Haes, S., Huygh, T., & Joshi, A. (2017). Exploring the contemporary state of information technology governance transparency in Belgian firms. Information Systems Management, 34(1), 20–37.
De Haes, S., Huygh, T., Joshi, A., & Caluwe, L. (2019). National corporate governance codes and IT governance transparency in annual reports. Journal of Global Information Management, 27(4).
De Haes, S., & Van Grembergen, W. (2009). An exploratory study into IT governance implementations and its impact on business/IT alignment. Information Systems Management, 26(2), 123–137.
De Haes, S., Van Grembergen, W., & Debreceny, R. S. (2013). COBIT 5 and enterprise governance of information technology: Building blocks and research opportunities. Journal of Information Systems, 27(1), 307–324.
Duncan, R. B. (1976). The ambidextrous organization: Designing dual structures for innovation. The Management of Organization, 1, 167–188.
du Preez, D. (2013). PwC slams BBC for failed £100 m digital transformation project. Retrieved from http://www.computerworlduk.com/it-management/pwc-slams-bbc-for-failed-100m-digital-transformation-project-3494357/.
Garrity, J. T. (1963). Top management and computer profits. Harvard Business Review, 41(4), 6–12.
Grant, G., & Tan, F. B. (2013). Governing IT in inter-organizational relationships: Issues and future research. European Journal of Information Systems, 22(5), 493–497.
Haffke, I., Kalgovas, B., & Benlian, A. (2017). Options for transforming the IT function using bimodal IT. MIS Quarterly Executive, 16(2), 101–120.
Henderson, J. C., & Venkatraman, N. (1993). Strategic alignment: Leveraging information technology for transforming organizations. IBM Systems Journal, 32(1), 4–16.
Higgs, J. L., Pinsker, R. E., Smith, T. J., & Young, G. R. (2016). The relationship between board-level technology committees and reported security breaches. Journal of Information Systems, 30(3), 79–98.
Horlach, B., Drews, P., & Schirmer, I. (2016). Bimodal IT: Business-IT alignment in the age of digital transformation. In Multikonferenz Wirtschaftsinformatik (MKWI) (pp. 1417–1428).
Hoverstadt, P. (2010). The viable system model. In M. Reynolds & S. Holwell (Eds.), Systems approaches to managing change: A practical guide (pp. 87–133). London: Springer.
Huang, R., Zmud, R. W., & Price, R. L. (2010). Influencing the effectiveness of IT governance practices through steering committees and communication policies. European Journal of Information Systems, 19(3), 288–302.
Huygh, T. (2019). Investigating IT governance through the viable system model (doctoral dissertation). University of Antwerp, Antwerp, Belgium.
Huygh, T., & De Haes, S. (2019). Investigating IT governance through the viable system model. Information Systems Management, 36(2), 168–192.
Institute of Directors in Southern Africa. (2009). King III code of corporate governance for South Africa. Retrieved from https://jutalaw.co.za/uploads/King_III_Report/.
ISACA. (2018). COBIT 2019 Framework: Introduction & methodology.
ISO/IEC. (2008). ISO/IEC Standard 38500: Corporate governance of information technology.
ISO/IEC. (2015). ISO/IEC Standard 38500: Information technology—Governance of IT for the organization.
IT Governance Institute (ITGI). (2003). Board briefing on IT governance, 2nd edition. Retrieved from http://www.isaca.org/knowledge-center/research/researchdeliverables/pages/board-briefing-on-it-governance-2nd-edition.aspx.
Jackson, M. C. (2003). Systems thinking: Creative holism for managers. New York: Wiley.
Jewer, J., & McKay, K. (2012). Antecedents and consequences of board IT governance: Institutional and strategic choice perspectives. Journal of the Association for Information Systems, 13(7), 581–617.
Joachim, N., Beimborn, D., & Weitzel, T. (2013). The influence of SOA governance mechanisms on IT flexibility and service reuse. The Journal of Strategic Information Systems, 22(1), 86–101.
Jöhnk, J., Röglinger, M., Thimmel, M., & Urbach, N. (2017). How to implement agile IT setups: A taxonomy of design options. In Proceedings of the 25th European Conference on Information Systems (ECIS), Guimarães, Portugal, June 5–10, 2017 (pp. 1521–1535). Retrieved from http://aisel.aisnet.org/ecis2017_rp/98.
Jones, C., Hesterly, W. S., & Borgatti, S. P. (1997). A general theory of network governance: Exchange conditions and social mechanisms. Academy of Management Review, 22(4), 911–945.
Joshi, A., Bollen, L., & Hassink, H. (2013). An empirical assessment of IT governance transparency: Evidence from commercial banking. Information Systems Management, 30(2), 116–136.
Kambil, A., & Lucas, H. C. (2002). The board of directors and the management of information technology. Communications of the Association for Information Systems, 8(1).
Kerr, D. S., & Murthy, U. S. (2013). The importance of the CobiT framework IT processes for effective internal control over financial reporting in organizations: An international survey. Information & Management, 50(7), 590–597.
King, J. L. (1983). Centralized versus decentralized computing: Organizational considerations and management options. ACM Computing Surveys, 15(4), 319–349.
King, N. (2013). Exploring the impact of operating model choice on the governance of inter-organizational workflow: The U.S. e-prescribing network. European Journal of Information Systems, 22(5), 548–568.
Kritzinger-von Solms, E., & Strous, L. (2003). Information security: A corporate governance issue. In Integrity and internal control in information systems V (Vol. 124, pp. 115–133). Kluwer Academic Publishers.
Kuruzovich, J., Bassellier, G., & Sambamurthy, V. (2012). IT governance processes and IT alignment: Viewpoints from the board of directors. In 2012 45th Hawaii International Conference on System Sciences (pp. 5043–5052). IEEE. https://doi.org/10.1109/HICSS.2012.394.
Lawrence, P. R., & Lorsch, J. W. (1967). Organization and environment. Boston, MA: Harvard Business School, Division of Research.
Lee, O.-K. (Daniel), Sambamurthy, V., Lim, K. H., & Wei, K. K. (2015). How does IT ambidexterity impact organizational agility? Information Systems Research, 26(2), 398–417.
Loh, L., & Venkatraman, N. (1992). Diffusion of information technology outsourcing: Influence sources and the Kodak effect. Information Systems Research, 3(4), 334–358.
Mähring, M. (2006). The role of the board of directors in IT governance: A review and agenda for research. In AMCIS 2006 Proceedings.
Markides, C., & Chu, W. (2008). Innovation through ambidexterity: How to achieve the ambidextrous organization. In L. Costanzo & B. MacKay (Eds.), Handbook of research on strategy and foresight. London: Elgar.
Masli, A., Richardson, V., Watson, M., & Zmud, R. W. (2016). Senior executives’ IT management responsibilities: Serious IT-related deficiencies and CEO/CFO turnover. Management Information Systems Quarterly, 40(3), 687–708.
Mintzberg, H. (1979). The structuring of organizations. Englewood Cliffs, NJ: Prentice-Hall.
Mohamad, S., Hendrick, M., O’Leary, C., & Best, P. (2014). Developing a model to evaluate the information technology competence of boards of directors. Corporate Ownership & Control, 12(1), 64–74.
Nolan, R., & McFarlan, F. (2005). Information technology and the board of directors. Harvard Business Review, 83(10), 96–106.
Oliver, G. R., & Walker, R. G. (2006). Reporting on software development projects to senior managers and the board. Abacus, 42(1), 43–65. https://doi.org/10.1111/j.1467-6281.2006.00188.x.
Olson, M. H., & Chervany, N. L. (1980). The relationship between organizational characteristics and the structure of the information services function. MIS Quarterly, 4(2), 57.
O'Reilly, C. A., & Tushman, M. L. (2013). Organizational ambidexterity: Past, present, and future. Academy of Management Perspectives, 27(4), 324–338.
Overby, E., Bharadwaj, A., & Sambamurthy, V. (2006). Enterprise agility and the enabling role of information technology. European Journal of Information Systems, 15(2), 120–131.
Parent, M., & Reich, B. H. (2009). Governing information technology risk. California Management Review, 51(3), 134–152.
Peterson, R. R. (2004). Crafting information technology governance. Information Systems Management, 21(4), 7–22.
Posthumus, S., & von Solms, R. (2008). Agency theory: Can it be used to strengthen IT governance? In Proceedings of The IFIP TC 11 23rd International Information Security Conference. Springer US.
Posthumus, S., Von Solms, R., & King, M. (2010). The board and IT governance: The what, who and how. South African Journal of Business Management, 41(3), 23–32.
Prasad, A., Green, P., & Heales, J. (2012). On IT governance structures and their effectiveness in collaborative organizational structures. International Journal of Accounting Information Systems, 13(3), 199–220.
Premuroso, R. F., & Bhattacharya, S. (2007). Is there a relationship between firm performance, corporate governance, and a firm’s decision to form a technology committee? Corporate Governance: An International Review, 15(6), 1260–1276.
Raab, J., & Kenis, P. (2009). Heading toward a society of networks. Journal of Management Inquiry, 18(3), 198–210.
Raghupathi, W. (2007). Corporate governance of IT: A framework for development. Communications of the ACM, 50(8), 94–99.
Read, T. J. (2004). Discussion of director responsibility for IT governance. International Journal of Accounting Information Systems, 5(2), 105–107. https://doi.org/10.1016/j.accinf.2004.01.003.
Reynolds, M., & Holwell, S. (2010). Introducing systems approaches. In M. Reynolds & S. Holwell (Eds.), Systems approaches to managing change: A practical guide (pp. 1–23). Berlin: Springer.
Ross, J. W., & Weill, P. (2002). Six IT decisions your IT people shouldn’t make. Harvard Business Review, 80(11), 84–95.
Sambamurthy, V., & Zmud, R. (1999). Arrangements for information technology governance: A theory of multiple contingencies. Management Information Systems Quarterly, 23(2), 261–290.
Sambamurthy, V., & Zmud, R. W. (2000). Research commentary: The organizing logic for an enterprise’s IT activities in the digital era—A prognosis of practice and a call for research. Information Systems Research, 11(2), 105–114.
Schlosser, F., Beimborn, D., Weitzel, T., & Wagner, H.-T. (2015). Achieving social alignment between business and IT—An empirical evaluation of the efficacy of IT governance mechanisms. Journal of Information Technology, 30(2), 119–135.
Schmitz, K., Teng, J. T. C., & Webb, K. (2016). Capturing the complexity of malleable IT use: Adaptive structuration theory for individuals. Management Information Systems Quarterly, 40(3). Retrieved from http://aisel.aisnet.org/misq/vol40/iss3/9.
Schwarz, A., & Hirschheim, R. (2003). An extended platform logic perspective of IT governance: Managing perceptions and activities of IT. The Journal of Strategic Information Systems, 12(2), 129–166.
Standards Australia. (2005). AS 8015-2005.
Swaminathan, A., & Meffert, J. (2017). Digital @ scale. Hoboken, New Jersey: Wiley.
Tallon, P. P., Ramirez, R. V., & Short, J. E. (2013). The information artifact in IT governance: Toward a theory of information governance. Journal of Management Information Systems, 30(3), 141–178.
Tavakolian, H. (1989). Linking the information technology structure with organizational competitive strategy: A survey. MIS Quarterly, 13(3), 309.
The Committee on the Financial Aspects of Corporate Governance. (1992). Financial aspects of corporate governance (The Cadbury Report).
Trautman, L. J., & Altenbaumer-Price, K. (2010). The board’s responsibility for information technology governance.
Trites, G. (2004). Director responsibility for IT governance. International Journal of Accounting Information Systems, 5(2), 89–99.
Turel, O., & Bart, C. (2014). Board-level IT governance and organizational performance. European Journal of Information Systems, 23(2), 223–239.
Turel, O., Liu, P., & Bart, C. (2017). Board-level information technology governance effects on organizational performance: The roles of strategic alignment and authoritarian governance style. Information Systems Management, 34(2), 117–136.
Tushman, M. L., & O'Reilly, C. (2007). Research and relevance: Implications of Pasteur’s quadrant for doctoral programs and faculty development. Academy of Management Journal, 50(4), 769–774.
Valentine, E., & Stewart, G. (2013a). Director competencies for effective enterprise technology governance. In 24th Australasian Conference on Information Systems (ACIS) (pp. 1–11). RMIT University.
Valentine, E., & Stewart, G. (2013b). The emerging role of the board of directors in enterprise business technology governance. International Journal of Disclosure and Governance, 10(4), 346–362.
Valentine, E., & Stewart, G. (2015). Enterprise business technology governance: Three competencies to build board digital leadership capability. In HICSS 2015 Proceedings.
Vithayathil, J. (2018). Will cloud computing make the Information Technology (IT) department obsolete? Information Systems Journal, 28(4), 634–649.
Weill, P., & Ross, J. (2004). IT governance: How top performers manage IT decision rights for superior results. Harvard Business Press.
Wilkin, C. L., Campbell, J., & Moore, S. (2013). Creating value through governing IT deployment in a public/private-sector inter-organisational context: A human agency perspective. European Journal of Information Systems, 22(5), 498–511.
Wilkin, C. L., & Chenhall, R. H. (2010). A review of IT governance: A taxonomy to inform accounting information systems. Journal of Information Systems, 24(2), 107–146.
Williams, C. K., & Karahanna, E. (2013). Causal explanation in the coordinating process: A critical realist case study of federated IT governance structures. MIS Quarterly, 37(3), 933–964.
Winkler, T. J., & Brown, C. V. (2013). Horizontal allocation of decision rights for on-premise applications and software-as-a-service. Journal of Management Information Systems, 30(3), 13–48.
Wu, S. P.-J., Straub, D. W., & Liang, T.-P. (2015). How information technology governance mechanisms and strategic alignment influence organizational performance: Insights from a matched survey of business and IT managers. MIS Quarterly, 39(2), 497–518.
Xiao, J., Xie, K., & Hu, Q. (2013). Inter-firm IT governance in power-imbalanced buyer–supplier dyads: Exploring how it works and why it lasts. European Journal of Information Systems, 22(5), 512–528.
Yayla, A. A., & Hu, Q. (2014). The effect of board of directors’ IT awareness on CIO compensation and firm performance. Decision Sciences, 45(3), 401–436. https://doi.org/10.1111/deci.12077.
Zmud, R. W. (1984). Design alternatives for organizing information systems activities. MIS Quarterly, 8(2), 79–93.
Zmud, R. W., Boynton, A. C., & Jacobs, G. C. (1986). The information economy: A new perspective for effective information systems management. Data Base, 18(1), 17–23.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
De Haes, S., Van Grembergen, W., Joshi, A., Huygh, T. (2020). Enterprise Governance of IT. In: Enterprise Governance of Information Technology. Management for Professionals. Springer, Cham. https://doi.org/10.1007/978-3-030-25918-1_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-25918-1_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-25917-4
Online ISBN: 978-3-030-25918-1
eBook Packages: Business and ManagementBusiness and Management (R0)