Control Objectives for Information and Related Technology (COBIT) becomes very popular in recent years and is regarded as the most comprehensive IT governance framework. However, its actual utilization and effectiveness are not clear due to the lack of academic studies. Also, the proliferation of other IT standards and best practices, such as ISO27000 series and ITIL, creates great challenges for organizations to understand their relations and to take advantage of them. The main objective of this research is to explore the practicability of COBIT framework and its actual usage. A pilot COBIT program within an IT department was carried out to collect primary data. The actual usage of COBIT tools is analyzed and compared to their theoretical design. Practical problems of COBIT framework are identified. A COBIT-BSC model is proposed to illustrate a simple way of structuring COBIT control objectives. This study will contribute some practical insights to COBIT framework and help organizations take advantage of COBIT as well as other IT control frameworks.
[1]
Gail Ridley,et al.
Attempting to Define IT Governance: Wisdom or Folly?
,
2006,
Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).
[2]
Gail Ridley,et al.
COBIT and its utilization: a framework from the literature
,
2004,
37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the.
[3]
Bonnie Kaplan,et al.
Combining Qualitative and Quantitative Methods in Information Systems Research: A Case Study
,
1988,
MIS Q..
[4]
Mario Spremic,et al.
Measuring IT Governance Performance: a Research Study on CobiT) Based Regulation Framework Usage
,
2012
.
[5]
Mathew Nicho.
Information technology audit: systems alignment and effectiveness measures
,
2008
.
[6]
Pontus Johnson,et al.
Model-Based IT Governance Maturity Assessments with Cobit
,
2007,
ECIS.