IT Governance Adoption in Banking and Insurance Sector: Longitudinal Case Study of COBIT Use

For achieving business success and sustainability, companies should increase their focus on aligning business strategy with information technology (IT) governance. Consequently, there has been an increase of interest in IT governance adoption and the usage of COBIT framework. In order to investigate the reasons, ways and differences of COBIT framework implementation in financial sector companies, we have conducted a longitudinal research in form of case studies within two banks and two insurance companies. The results reveal an increase in COBIT maturity levels for all observed companies during the five year period, but with significant differences in the level and speed of its adoption. This research indicate the importance of true strategic IT and business alignment for increasing IT governance maturity and opportunities for business model innovation, which makes the practical contribution of the paper.

[1]  Vesna Bosilj-Vuksic,et al.  Supporting Performance Management with Business Process Management and Business Intelligence: A Case Analysis of Integration and Orchestration , 2013, Int. J. Inf. Manag..

[2]  Acklesh Prasad,et al.  On IT governance structures and their effectiveness in collaborative organizational structures , 2012, Int. J. Account. Inf. Syst..

[3]  Steven De Haes,et al.  A Research Journey into Enterprise Governance of IT, Business/IT Alignment and Value Creation , 2010, Int. J. IT Bus. Alignment Gov..

[4]  Walter Brenner,et al.  Toward a model of effective monitoring of IT application development and maintenance suppliers in multisourced environments , 2013, Int. J. Account. Inf. Syst..

[5]  W. Alec Cram,et al.  Addressing the Control Challenges of the Enterprise Architecture Process , 2015, J. Inf. Syst..

[6]  J. Lainhart COBIT™: A Methodology for Managing and Controlling Information and Information Technology Risks and Vulnerabilities , 2000 .

[7]  Scott B. MacKenzie,et al.  Construct Measurement and Validation Procedures in MIS and Behavioral Research: Integrating New and Existing Techniques , 2011, MIS Q..

[8]  Richard P. Bagozzi,et al.  Assessing Construct Validity in Organizational Research , 1991 .

[9]  L. Diamond IT Governance : How Top Performers Manage IT Decision Rights for Superior Results , 2005 .

[10]  Antonio Carlos Gastaud Maçada,et al.  The impact of adopting IT governance on financial performance: An empirical analysis among Brazilian firms , 2014, Int. J. Account. Inf. Syst..

[11]  Detmar W. Straub,et al.  Validation in Information Systems Research: A State-of-the-Art Assessment , 2001, MIS Q..

[12]  Isaca COBIT 5 Implementation , 2012 .

[13]  Brad Tuttle,et al.  An empirical examination of CobiT as an internal control framework for information technology , 2007, Int. J. Account. Inf. Syst..

[14]  Mario Spremic,et al.  Measuring IT Governance Performance: a Research Study on CobiT) Based Regulation Framework Usage , 2012 .

[15]  Kun-Huang Huarng,et al.  Innovation and entrepreneurship in knowledge industries , 2013 .

[16]  Margaret Volante Qualitative research. , 2008, Nurse researcher.

[17]  Christine Nadel,et al.  Case Study Research Design And Methods , 2016 .

[18]  Julia Brande Earp,et al.  Centralized end-to-end identity and access management and ERP systems: A multi-case analysis using the Technology Organization Environment framework , 2014, Int. J. Account. Inf. Syst..

[19]  Bendik Bygstad,et al.  Generative mechanisms for innovation in information infrastructures , 2010, Inf. Organ..

[20]  J. Mata,et al.  Patterns of Entry, Post-Entry Growth and Survival: A Comparison Between Domestic and Foreign Owned Firms , 2004 .

[21]  Carol Pollard,et al.  Exploring IT Governance in Theory and Practice in a Large Multi-National Organisation in Australia , 2009, Inf. Syst. Manag..

[22]  Michael Parent,et al.  Understanding IT Governance: A Case of Two Financial Mutuals , 2009, J. Glob. Inf. Manag..

[23]  Mujiono Sadikin,et al.  IT Governance Self Assessment in Higher Education Based on COBIT Case Study: University of Mercu Buana , 2014 .

[24]  Steven De Haes,et al.  COBIT 5 and Enterprise Governance of Information Technology: Building Blocks and Research Opportunities , 2013, J. Inf. Syst..

[25]  Donald E. Wynn,et al.  Principles for Conducting Critical Realist Case Study Research in Information Systems , 2012, MIS Q..

[26]  Michael Holm Larsen,et al.  IT Governance: Reviewing 17 IT Governance Tools and Analysing the Case of Novozymes A/S , 2006, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).

[27]  Daniel Beimborn,et al.  When the river leaves its bed: analyzing deviations between planned and actual interaction structures in IT change processes , 2013, J. Inf. Technol..

[28]  Michael D. Myers,et al.  A Set of Principles for Conducting and Evaluating Interpretive Field Studies in Information Systems , 1999, MIS Q..

[29]  Carla Wilkin,et al.  IT governance challenges in a large not-for-profit healthcare organization: The role of intranets , 2009, Electron. Commer. Res..

[30]  Carla Wilkin,et al.  Co-Creating Value from IT in a Contracted Public Sector Service Environment: Perspectives on COBIT and Val IT , 2013, J. Inf. Syst..

[31]  Judy Young,et al.  Assessment of IT Governance-A Prioritization of Cobit-Mårten Simonsson and , 2006 .

[32]  Mohamed Goaied,et al.  Financial development, ICT diffusion and economic growth: Lessons from MENA region , 2013 .

[33]  Gary Hardy,et al.  Using IT governance and COBIT to deliver value with IT and respond to legal, regulatory and compliance challenges , 2006, Inf. Secur. Tech. Rep..

[34]  Dieter Fink,et al.  Information technology governance: an evaluation of the theory‐practice gap , 2010 .

[35]  Paul L. Bowen,et al.  Enhancing IT governance practices: A model and case study of an organization's efforts , 2007, Int. J. Account. Inf. Syst..

[36]  Steven De Haes,et al.  Enterprise Governance of Information Technology: Achieving Alignment and Value, Featuring COBIT 5 , 2015 .

[37]  L. Gerke,et al.  Tailoring COBIT for Public Sector IT Audit: An Australian Case Study , 2009 .

[38]  Marios Damianides Sarbanes–Oxley and it Governance: New Guidance on it Control and Compliance , 2005, Inf. Syst. Manag..

[39]  Peter F. Green,et al.  Information technology investment governance: What is it and does it matter? , 2015, Int. J. Account. Inf. Syst..