- Research
- Open access
- Published:
The impact of IT governance and data governance on financial and non-financial performance
Future Business Journal volume 10, Article number: 15 (2024)
Abstract
This paper aims to examine the impact of both information technology governance (ITG) and data governance on information technology (IT) performance in the telecommunication industry. A questionnaire of 308 managers was collected from all telecommunication companies that are working in Egypt. Data were analyzed using smart partial least squares (PLS). The results showed that all the hypotheses of the study had been accepted. IT and data governance have a significant impact on both financial and non-financial performance. However, each of them has a different effect on the IT performance dimensions. The financial performance of IT department had been affected by IT governance more than data governance. Also, innovation and flexibility were the most affected by IT governance. On the other hand, data governance affected business processes and ethical compliance more than IT governance. The current study filled the gap on the literature in two ways. First, studying both IT governance and data governance as a critical factors affects financial and non-financial performance. Second, studying IT governance and data governance has become more important, especially in the telecommunication industry as it is a big challenge now to secure the data of the companies.
Introduction
Data have become one of the most powerful assets in our life. Managing and securing data plays an important role in implementing an effective cybersecurity strategy [30]. Telecommunication industry is believed to be one of the most industries affected by data security because it deals with big volume of sensitive data. For example, financial messages of customers or financial transactions present a big risk for all interested parties. Therefore, securing data needs more attention in telecommunication companies [52]. Although many studies have pointed out that data governance is very important to protect the organization’s data and assets, the literature in data governance is considered insufficient [12, 58].
Literature has not fully taken into account the importance of sharing data across several parties [82]. Most of literature attention has been focused on IT governance. previous studies investigated IT governance impacts in various disciplines. For example, [94] discussed the IT governance impact on employee's satisfaction. Kosasi and Yuliani [65] studied the IT governance in online marketing, and [71] discussed IT governance role in entrepreneurship. IT governance has a critical concern for many organizations in various industries [3], but data governance did not have the same regard in the literature; however, they are also considered as assets. Therefore, it also requires similar governance to achieve the strategic objectives [82].
Governance has been presented in the organizational literature since 1960 [100]. It is a broad term that has been discussed in many fields: economics, politics, public administration, sociology, etc. [23]. It refers to self-organizing and interorganizational networks. It is also defined as a formal and informal rules to settle conflicts between interested parties [63]. The main aim of IT governance is to utilize IT assets to achieve the organization goals [82].
When information technology began to spread, it seems to support corporate governance, as it is any form of computer-based information system that can organize, collect, store, or distribute information. Information technology also supports decision making and empowers managers and stakeholders to enhance corporate governance [38]. However, information technology is important for organizations to cope governance, and its benefit depends on people’s usage. That problem may impede the utilization of information technology. Therefore, IT governance appeared to ensure that the money invested in information technology would be able to generate the expected value and the mitigate risks associated with information technology [99].
Another gap in the literature of IT governance is that most of the previous studies measured performance at the organizational stage. For example, [8, 54, 88, 96, 103, 107] studied both direct and indirect relation between IT governance and organization performance. More studies in the IT department performance need to be held. The importance of studying IT performance appears in its impact on many aspects of the organization. IT department performance is believed to have a great effect on customer satisfaction and organization competitiveness [40]
The problem that appears also in IT unit can affect organization performance, as organization success depends on IT unit performance [101]. Measuring IT performance is very critical, because it can affect benefits, costs and risks [6]. Many researchers suggested that performance would better be measured at the level of business units, because it can indicate some problems earlier before it gets worse [59]. Unfortunately, financial indicators are not enough for the performance evaluation of IT departments. Non-financial performance measures are also critical to build a whole view of the performance [40]
Moreover, both financial and non-financial measures help in understanding the contribution of IT toward the business [33].
Just a few researchers studied the impact of IT governance on IT unit level [98]. Moreover, traditional IT governance models and frameworks are considered too structured and lack flexibility [18]. Consequently, there is a need to combine the developed IT mechanisms by data governance mechanisms.
Thus, to overcome these gaps, here the study aims to investigate the impact of IT governance mechanisms and data governance on IT department performance. Based on the research objectives, we need to answer the following questions: (1) Does IT governance impact the financial and non-financial performance of IT department? (2) Does data governance impact has the same impact on the financial and non-financial performance of IT department? (3) Which dimensions of IT performance are most affected by IT and data governance?
Here the study contributes to the literature of information system management by identifying the impact of one of the important dimensions of cybersecurity (IT governance) and data governance on IT department performance. Also, this paper will enable academics and practitioners to understand which dimension of financial and non-financial performance will most be affected by IT governance practices. Hence, the result will be useful for IT planners and top managers when taking IT decisions.
The paper is structured as follows. First, we began with an overview of theoretical background, starting with IT governance and data governance and their relation with both financial and non-financial performance. Then we use a quantitative method to investigate these relations. Finally, we discussed the overall findings and the implications for both research and practice.
Literature review
IT governance mechanisms
The ‘Governance’ word origin is a Greek word, “kyberman”; its meaning is “role, command steering, guiding or governing” [62]. Moving to the English usage, the term governance refers to the exercise of sovereign power by the state; it is a reference to processes and mechanisms for determining and realizing the collective goals [93].
Conventionally, governance is actually considered as a synonym of government [5] Generally speaking—beyond governing a country—governance would be considered referring to the activity of controlling a company or organization (Oxford Advanced Learner’s Dictionary). IT governance is a subset of corporate governance [32]. It is one of the most important concerns facing organizations managers from different industries, as it’s not just considered a supporting tool but also a strategic driving force for the business [1]. Several studies showed that enterprises should implement IT governance over the use of IT mechanisms. Enterprises embrace IT governance using a mixture of various structures, processes, and relational mechanisms [70].
Enterprise governance of IT mechanisms
Structures, processes, and relations are considered as IT governance dimensions. Structures are the organization's units and roles responsible for making IT decisions, like committees, executive teams, and business/IT relationship managers [74]. Enterprise governance of IT structure determines the person who will make decisions, which organizational unit creates and who will take part in these units? And what are their responsibilities in these units? [103].
The enterprise governance of IT processes addresses the questions: How IT investment and operation decisions are made? What are the forms of decision-making processes for a proposition, reviewing, agreeing on, and prioritizing IT investments? [10]. Processes also encompass the arrangements of formal decision making and design the forms of monitoring and control procedures for making sure that IT daily operations are consistent and in conformance with firm IT policy [32, 74].
Communication/relational mechanisms address the question of how the outcome of ITG processes and decisions will be monitored, measured and communicated. Communication/relational mechanisms are about the shared knowledge, a bidirectional communication, dynamic participation and the cooperative relationship between the corporate executive managers and IT managers, and also the employees and shareholders [1].
It is important to know that these mechanisms operate in a coordinated way. For example, these structures cannot be effective without supporting processes, e.g., IT steering committee cannot make an appropriate investment decision without an appropriate and mature portfolio management process [70].
Data governance
The future of information technology will be a mixed nature: on-premise and in the cloud, delivered by the internal IT department and by cloud service providers [56]. Cloud computing is characterized as a method of computational “outsourcing” to the cloud [69]. It is a new form of IT system and infrastructure outsourcing as an alternative to traditional information technology outsourcing [79]. It is one of the latest trends to outsource some or entire IT operations, processes or even infrastructure to run a business from the public cloud [28]. It also inherits the “roles and responsibilities” factors from outsourcing [61]. Such technology provides a paradigm shift in the field of information technology [17]. Gartner’s study predicts that the market size and growth of the cloud services business will increase in IT services [80]. Today’s competitive environment pushes technology into changing quickly, hence triggering organizations to be ready for such changes. It is believed to be one of the popular evolving information technologies that seem to affect organizations in different ways, and on different levels [60]. For all reasons mentioned above, here the study will concentrate on data governance of cloud computing.
IT governance and data governance
Organizations will have to adopt more liberal governance approaches to manage today's dynamic IT resources [7]. They should take in to consider the restructuring and expansions required in organizations’ information technology (IT) governance structures to govern cloud computing services [84, 91]. Cloud computing is forcing firms to rethink traditional IT governance practices while raising new and fundamental questions for scholars and practitioners [104]. Therefore, organizations can benefit from effective coexistence and interaction between cloud computing governance and existing IT governance approaches [27].
Once organizations decide to use cloud computing for some or all IT services, business processes are impacted. Therefore, data governance of cloud computing has become more critical than ever [26]. Some researchers suggested that governing data in cloud services as a component of IT governance offers IT–business alignment by responding to demands of the business in providing system scalability and agility when supporting business goals [43].
Theoretical framework
Agency theory, IT governance, and IT financial performance
Agency theory focuses on the conflict of interests between the owner and the manager. Governance aims to control the management's work to avoid opportunistic behavior resulting in reduced performance [53]. IT governance will ensure efficiency, decrease costs and increase control. Although many studies have investigated the relation between IT governance and performance, most of them focused on the organizational level. Moreover, these studies have shown contradictory results of the relationship between IT governance and financial performance. A group of studies found that IT governance will increase organization accountability, thereby increasing return on assets [39]. Also, [29] and [72] suggested that IT governance improves financial performance. Likewise, [108] results have shown that IT governance has significant effect on firm performance and IT capabilities mediate the relation. On the contrary, [48] and [88] have found that IT governance has no impact on the organization financial performance.
Few studies recognized the importance of studying the relationship between IT governance and IT performance. Most of these studies have found that IT governance plays an important role in supporting IT financial performance. For example, a negative relationship between IT governance misalignment and IT performance was found in [44] study, as high IT governance misalignment receives no benefits from their IT investment, while low IT governance misalignment obtains higher value from their IT investments. Therefore, right IT governance decisions can raise the return of IT investment performance [108]. Robinson [86] suggested that IT governance aims to ensure that IT is aligned to the business needs. Thus, the more business–IT alignment the better IT performance.
H1
IT governance has significant effect on IT financial performance.
IT governance and non-financial performance
Previous studies in information systems management show that information governance has two goals: protecting information and maximizing the value of information [100]. Subsequently, implementing effective IT governance (ITG) is important for the success and prosperity of organizations [85]. Thus, IT governance may affect both financial and non-financial performance. Here the study concentrated on decision making, process, innovation, flexibility and ethical compliance as indicators for non-financial performance.
IT governance, decision making, and process
Governance is an activity requires effective and efficient use of resources to achieve desired aims. In corporate level, corporate governance is developed to solve the problems related to control separation in organizations. Therefore, the literature in corporate governance showed that governance can affect decision making. It is also necessary for effective processes [2]. IT governance is a part of corporate governance. It involves building IT capability that is able to offer a business strategic advantages by taking appreciate decisions [106]. IT governance controls and manages IT resources such as infrastructure technology and people in organizations [24]. It includes defining and aligning the IT strategy to the organization's strategy, making IT investment decisions and making overall IT risk management decisions [8]. Thus, IT governance can support the operations of organizations to the extent that can lead to financial loss or risks [16].
H2
IT governance has significant effect on a) decision-making process and b) business process.
IT governance, innovation, and flexibility
IT governance mechanisms could help organizations to be agile and innovative [51]. That may happen because IT governance leads to new ideas and facilitate interaction between IT and business people [41]. Board of directors and the executive are responsible of IT governance. Their responsibility can impact innovation because they can help create an environment that supports innovation. They can create opportunities and sources of innovation with the knowledge and information they provide [51]. Although many results have shown positive impact of IT governance on innovation [54], few studies found a negative relation. For example, [25] found that IT governance has negative significant effect on innovation product and process when IT governance experience is law.
Decentralized IT governance also found to support IT flexibility [78]. Flexibility refers to the ability to react to a wide range of possible environment. Flexible IT can support sustainable growth and enable firms to develop innovative offerings to their customers [49].
H3
IT governance has significant effect on a) IT flexibility and b) IT innovation.
IT governance and IT ethical compliance
Ethics are beliefs, values, rituals and behavior patterns that people share in their organizations [50]. Corporate governance is closely associated with ethics theory. Business ethics theory focuses on the rights and wrongs in business. It is concerned with norms, values, and beliefs fixed in the social process which is wrong or right for the individual and the group [19]. Corporate governance complies with exhibiting ethical behavior on all business dealings [108]. These ethical issues arise when an individual's behavior can either help or damage others [68]. That problem is getting worth in IT department of telecommunication companies as the employees can access companies’ information systems and be in contact, or be connected at any time and any place [67]. Furthermore, Telecoms employees can access several types of data about millions of users. That object can increase the risk of ethical issues [64]. IT governance as a part of corporate governance can affect behavior pattern, legal and regulatory compliance [87]. So, it can be concluded that IT governance may affect ethical compliance.
H4
IT governance has significant effect on IT ethical compliance.
Data governance for cloud computing and IT financial performance
In the current decade, many organizations adopt and use cloud computing because of its importance in supporting organization performance. Cloud computing allows organization to store and access their data any time. Moreover, various benefits arise from cloud computing such as analytics services and data security [99]. Cloud computing is believed to impact financial performance throw reducing cost by shifting computing cost from a capital expenditure to an operational cost as the provider of cloud service supplies the underlying infrastructure as a part of the service. It also enhances productivity throw collaborative applications which reduce rework [22]. Data governance for cloud computing is a set of policies, processes, roles, responsibilities, and practices used to manage and control cloud computing adoption and implementation. It aims to discipline to address cloud computing challenges and maximize the organizations' return on investment [27].
H5
Data governance for cloud computing has significant effect on IT financial performance.
Data governance for cloud computing and IT non-financial performance
Cloud computing services become increasingly important because they have several benefits. These benefits are not only related to financial aspects, but also non-financial performance such as supporting core business functions, fast performance, employee satisfaction and boost innovation [22]. It can help in analyzing huge volume of data and enhance security [102], scalability and flexibility [97].
Data governance for cloud computing, decision making and process
Using cloud computing services increases the difficulty of effective IT governance. It requires a new approach to governance and management for several reasons. For example, cloud services force customer to accept the control of the service provider on some important issues of business process. Although cloud computing offers many benefits, it has some challenges related to security of data, accountability, responsibility and internal threats. These challenges need organization to take decisions in IT department in order to overcome any risks or disadvantages [20]. Governance related to decision rights, accountability and responsibilities needs to be fulfilled by management. Cloud services are perceived as a new source of risk that needs new mechanisms to be adapted to the current IT governance [76]. Therefore, implementing data governance will be consequently new decisions as it will change the roles and responsibilities in the internal processes of the organization [13]. Thus, we assumed that data governance can impact IT decisions and processes.
H6
Data governance for cloud computing has significant effect on a) IT decision-making process and b) IT–business process.
Data governance for cloud computing, innovation and flexibility
Cloud computing lets organizations use open-source computing resources from third-party application providers to augment the cloud platform. This ecosystem provides organization with their technological needs and flexibility. It also enables selecting the required prepackaged software capabilities. Thus, cloud technology provides organizations with a rich pool of instruments to architect innovative solutions which in turn support innovation [9]. Cloud computing also offers flexibility and freedom for the organization because it can easily change service providers without any troubles and enjoy more up to date solutions [15]. Cloud computing can enhance organization innovativeness and growth, but these benefits depend on managing and adjusting risk appetite and ensure IT alignment [84]. Therefore, cloud computing governance helps organizations to create value by obtaining benefits from cloud computing services and optimizing investment and risk at the same time [57].
H7
Data governance for cloud computing has significant effect on a) IT flexibility and b) IT innovation.
Data governance for cloud computing and ethical compliance
One of the main challenges for cloud computing is legal challenges. Legal contracts between parties are written in complicated statements and organizations find it very difficult to understand these statement. Therefore, legal issues appeared to be a problem for the organizations, especially Middle Eastern and Africa as they lack regulatory support for data protection and privacy (Fig. 1). Data governance here aims to get rid of these problems, but it depends on country regulations and the industry using data governance [14]. Another ethical issue is data privacy and violations of intellectual property. Implementing effective data governance may help reducing these ethical compliances [76].
The conceptual framework
H8
Data governance for cloud computing has a significant effect on IT ethical compliance.
Research methodology
Type of research
The type of research here is quantitative research which is believed to be used when we need to answer a question by testing a theory, measured with numbers and analyzing with statistical techniques [45]. Quantitative method has many advantages; for example, it will minimize the role of researcher’s feelings and opinions which may affect the research results. Policy makers and other interested parties prefer research that is seen as wider than one researcher’s point of view [89].
Data collection and measures
The measurements were made using a survey. A Likert 5-point scale was used (1—strongly disagree, and 5—strongly agree). We measured the constructs and dimensions relying on the existing scales. Specifically, IT governance and data governance: IT governance mechanisms were measured by 33 items adopted from [34]. Data governance of cloud computing was measured by 20 items adopted from [83, 84]. In addition, non-financial performance was measured using the following dimensions: decision making and innovation were measured using the measurement of [21, 92]. Business processes were measured using measures of [21, 36, 66]. Flexibility was measured by the measures adopted from [21, 36, 105]. Legal and ethical compliance was measured by [55]. Finally, we used [75] and [4] measures for financial performance to measure the overall value of IT investments, which cannot be measured by financial ratios. Therefore, we also used the survey to know to what extent the objectives of IT investments may result in revenue [90].
Sampling
The targeted population is the communication companies in Egypt. All the four companies (Vodafone Egypt, Orange Egypt, Etisalat Egypt and WE) are approached. Here we depended on complete census because our population (telecommunication industry) is small and it is desirable to examine every unit of population because there are a comprehensive details need to be studied [45]. The sampling unit is the unit that have the answers for the research questions. Many studies have found that top managers have more information about financial and non-financial performance such as decision-making process and innovation [95]. Therefore, top managers in our study are the sample units (Table 1).
Analysis of result
Validity for formative indicators
Indicators collinearity: extensive collinearity between the items makes it difficult to distinguish the effect of individual items on the latent variable, and the collinearity of the indicators is measured using the collinearity statistics variance inflation factor (VIF), which should be below a threshold of 5 [47].
Formative measure assessment
Formative observed variables do not need to be correlated with each other; thus, classical discriminant and convergent tests do not work for formative measures; while the removal of a reflective indicator does not affect the meaning of the underlying construct, the removal of a formative indicator does affect it seriously and eliminates a part of it [37]. Accordingly, the issues that should be essential in assessing the formative measures validity are:
Content validity
It should be sure that the formative indicators cover most aspects and facets of the latent construct that is conducted before data collection.
Indicators collinearity
Extensive collinearity between the items makes it difficult to distinguish the effect of individual items on the latent variable, and the collinearity of the indicators is measured using the collinearity statistics VIF, which should be below a threshold of 5 [47].
All VIF values are below 5, so it can be considered there is low co linearity between indicators of each construct. Hair [46] suggests using the items weights and significance levels after running bootstrapping techniques for t-statistics; it can be considered the formative measure is valid if the weights are significant, but if the weights are not significant, we should look at the outer loadings and their T values. Table 2 shows these values.
Table 2 shows outer weights value to each items (formative indicators) and all items are significant, meaning that also the informative indicators are valid to measure the latent construct. All items achieve the factor loading required which is above 0.70 [47].
Convergent validity, composite reliability, and discriminant validity
Table 3 shows that all variables have convergent validity because all average variance extracted (AVE) values are above 0.50. Table 3 shows all variables have reliability after adjusting because the composite reliability to each variable is greater than or equal almost 0.70. Table 4 shows all variables have discriminate validity after adjusting because the AVE to each variable is greater than all the corresponding shared variances, but the corresponding between legal and ethical compliance and innovation variable (0.764) is greater than the corresponding between legal and ethical compliance and itself (0.763), and the percentages are close, with the achievement other validity and reliability criteria, so it is kept on these variable of items.
Testing the structure model
By path analysis the hypotheses were tested. It must be pointed out the coefficient of determination R2 value, R2 expresses the amount of variance in the dependent variable due to the influence of the independent variable; it is preferable that the R2 value be higher than 20%, but it may differ from one research to another [47]. It is clear from Table 5 that the research model is able to predict the variable of decision-making process by percentage 51.3%, financial performance 49.5%, flexibility 56.5%, innovation 50.1%, business processes 52.3%, and then legal and ethical compliance 55.7% (Fig. 2).
Testing the model structure
The calculated T value and the level of significance (P value) were examined to judge the significant extent of the influence of the independent variable on the dependent variables. Also, the amount of the effect, which is the beta coefficient β, was determined.
** 95% confidence level; whereas the P value is less than 0.05, the calculated t value is higher than (± 1.96).
IT governance impact
Table 5 shows that 1) IT governance has a positive significant effect on financial performance (β 44.3%, P < 0.05). 2) IT governance has a positive significant effect on decision-making process (\(\beta\) 43.2%, P < 0.05). 3) IT governance has a positive significant effect on flexibility (\(\beta 47.8\) %, P < 0.05). 4) IT governance has a positive significant effect on innovation (\(\beta 48\)%, P < 0.05). 5) IT governance has a positive significant effect on business processes (\(\beta\) 34.4%, P < 0.05). 6) IT governance has a positive significant effect on legal and ethical compliance (\(\beta 37.9\) %, P < 0.05).
Data governance of cloud computing impact
Table 5 also shows that 1) data governance has a positive significant effect on Financial performance (β 35.8%, P < 0.05). 2) Data governance has a positive significant effect on decision-making process (\(\beta 38.8\%\), P < 0.05). 3) Data governance has a positive significant effect on flexibility (\(\beta\) 37.6%, P < 0.05). 4) Data governance has a positive significant effect on innovation (\(\beta\) 31.1%, P < 0.05). 5) Data governance has a positive significant effect on business processes (\(\beta\), 47.5%P < 0.05). 6) Data governance has a positive significant effect on legal and ethical compliance (\(\beta 45.9\%\), P < 0.05).
Discussion and implications
The result of the study showed that IT governance has a significant positive effect on IT department financial and non-financial performance. This result is agreed with [11] study which had shown that organizations can improve its financial performance by good IT governance. Likewise, our result [88] stated that effective IT governance can affect the performance directly and economic growth of ICT companies indirectly. Here results also had shown that innovation and flexibility are the most dimensions affected by IT governance. This result may be because IT governance is believed to prioritize IT projects and allocate budgets according to prioritizes which means a better use of resources and a clear direction and control. These benefits will help organizations to achieve continuous innovation. Moreover, IT governance enhances knowledge acquisition [73] which in turn support innovation [31]. Another justification for the result is that telecommunication industry is a high environmental dynamism and characterized by fast-paced changes and strong competition and using IT governance will help organization to strength their innovation capabilities [77]. Therefore, IT governance plays a significant role in supporting innovation in telecommunication industry. Here the study has found that IT governance affected financial performance more than data governance of cloud computing. Some authors believed in the importance of data governance in order to gain many financial benefits such as reducing cost and increasing effectiveness, but the main purpose of data governance is to protect data for stakeholders. That is because protecting data is one of the main challenges that face cloud services. That’s why our study also has found that business processes and ethical compliance affected by data governance of cloud computing more than IT governance. Moreover, IT governance is related to decisions about IT investments, application portfolio, and project portfolio, but it is not related to data [14]. For all the above reasons, we can conclude that IT governance does not have the same impact of data governance of cloud computing on financial and non-financial performance. Therefore, studying both IT and data governance nowadays is a basic necessary.
Theoretical contribution
Most of the previous studies were interested in investigating the impact of IT governance on the organizational performance while it is so important to know how can it affect IT department performance. Thus, this study tried to overcome this gap in literature by studying the impact of IT governance on both financial and non-financial performance of IT department. Moreover, currently studying IT governance is not enough. Organizations need to collect resources, processes and structures to protect their information systems [42]. Therefore, this study filled the gap in the literature by studying the role of both IT and data governance in supporting IT financial and non-financial performance.
Practical implications
Here the study provides insights into practitioners. Adopting digital services has increasingly grown in great numbers of organizations [42]. The advancement of using the digital services raises the need for data security. The result of this study is useful for IT managers, decision makers and CEOs, specially who are working in the Telecommunication industry. Besides helping managers in planning for information systems and data management, the study has many benefits for different parties. 1) This study is useful for financial manager as, the result showed that IT governance affect the financial performance. 2) Top managers can use the result as a guide when they are planning, as they should take into consideration that any changes in IT governance dimensions may affect the degree of flexibility and innovation. 3) Legal affairs also can benefit from the study as it showed that data governance of cloud computing mostly affects legal and ethical compliance. Subsequently, they have to find a way to get benefits from cloud services and avoid its risks. The current research has a number of limitations: (1) This research examines the impact of IT and data governance on performance. Future studies can be implemented to examine the indirect impact of IT and data governance on the performance. In addition, more studies need to discuss how to benefit from cloud services without being at risk. The impact of several ways of protecting data on performance also needs more investigations. (2) The current study was applied only to the telecommunication industry; however, it is important to examine the research framework to other industries that are providing online services or dealing with huge amounts of data transfer such as information technology, banking, and airline industries. These industries are exposed recently to face risks related to data security, thus, further investigations are needed on these industries [81]. (3) All four targeted companies are large organizations. However, small and medium companies also need information technology governance studies nowadays [35]. (4) The quantitative research methodology had been used to achieve the research objectives. It is also better to use a qualitative or mixed methods in the future to add more value to the literature.
Conclusion
Nowadays, IT is considered the backbone of any business. Therefore, IT governance has become an important part of any business strategy. The large amount of IT investment increased the importance of measuring IT performance with both financial and non-financial measures. By reviewing the current literature, we have found that most of the studies concentrated on the impact of IT governance on the organizational performance, while data governance is still under-researched and the literature is considered insufficient. Therefore, it is important to study both IT and data governance. This study is useful for academics and practitioners by investigating the impact of IT and data governance on both the financial and non-financial performance of the IT department. The first step in this study was choosing an appropriate industry for the study. The telecommunications industry is believed to be one of the industries that deals with a huge amount of data and needs both IT and data governance. The second step was deciding the relevant measures for the study to achieve the research objectives. The third step was collecting data using a survey questionnaire. The third step was selecting data analysis techniques suitable to the study objectives. The result of this study supported that IT governance and data governance have an impact on IT department performance, but each of them differs in the degree of the impact. IT governance impacts financial performance, flexibility and innovation more than data governance, while data governance impacts business processes and ethical compliance more than IT governance.
Availability of data and materials
The datasets used and/or analyzed during the current study are available from the corresponding author upon reasonable request.
Abbreviations
- IT:
-
Information technology.
- ITG:
-
Information technology governance
- VIF:
-
Variance inflation factor
- AVE:
-
Average variance extracted
- CEOs:
-
Chief executive officer
- COO:
-
Chief operational officer
- CIO:
-
Chief information officer
- ROI:
-
Return on investment
- COBIT:
-
Control objectives for information and related technologies
- COSO:
-
Committee of sponsoring organizations
- ERM:
-
Enterprise risk management
- SLA:
-
Service level agreement
- QoS:
-
Quality of service
- QoP:
-
Quality of process
- IS:
-
Information systems
References
Aasi P, Rusu L, Leidner D, Perjons E, Corrales Estrada M (2018) How does the organizational culture of collaborative networks influence IT governance performance in a large organization?
Abbady M, Akkaya M, Sari A (2019) Big data governance, dynamic capability and decision-making effectiveness: fuzzy sets approach. Decis Sci Lett 8(4):429–440
Abdollahbeigi B, Salehi F (2021) A study of information technology governance initiatives on organizational performance. Int J Econ Manag Syst
Addo T, Chow CW, Haddad KM (2004) Development of an IT balanced scorecard. J Int Inf Manag 13(4):1
Abdou AM (2021) Good governance and COVID-19: the digital bureaucracy to response the pandemic (Singapore as a model). J Public Aff 21(4):e2656
Ademola EO (2019) Insights into cyber policies, information technology governance (ITG) and multi-stakeholder security governance scaling (MSGS) for decision makers within UK SME aviation. J Behav Inform 5(4):1–4
Ady CI, Basuki PN, Manuputty AD (2019) Analysis of information technology governance using the COBIT 5 framework (Case Study: E-legal drafting legal section of the Regional Secretariat of Salatiga City). J Inf Syst Inform 1(2):136–151
Ako-Nai A, Singh AM (2019) Information technology governance framework for improving organisational performance. S Afr J Inf Manag 21(1):1–1
Ali A, Warren D, Mathiassen L (2017) Cloud-based business services innovation: a risk management model. Int J Inf Manag 37(6):639–649
Almeida R, Pereira R, Mira da Silva M (2013) IT governance mechanisms: a literature review. In: Exploring services science: 4th international conference, IESS 2013, Porto, Portugal, February 7–8, 2013. Proceedings 4 (pp. 186–199). Springer Berlin Heidelberg
Al Romaihi NA, Hamdan A (2021) The relationship between IT governance and firm performance: a review of the literature. Sustainable finance, digitalization and the role of technology
Al-Ruithe M, Benkhelifa E (2017) A conceptual framework for cloud data governance-driven decision making. In: 2017 International conference on the frontiers and advances in data science (FADS). IEEE
Al-Ruithe M, Benkhelifa E, Hameed K (2016) A conceptual framework for designing data governance for cloud computing. Procedia Comput Sci 94:160–167
Al-Ruithe M, Benkhelifa E, Hameed K (2019) A systematic literature review of data governance and cloud data governance. Pers Ubiquitous Comput 839–59
Alshomrani S, Qamar S (2013) Cloud based e-government: benefits and challenges. Int J Multidiscip Sci Eng 4(6):1–7
Amali LN, Mahmuddin M, Ahmad M (2014) Information technology governance framework in the public sector organizations. TELKOMNIKA (Telecommun Comput Electron Control) 12(2):429–436
Ashogbon AD (2021) Examining the role of diffusion of innovation theory in cloud computing adoption: international marketing organization perspective. Northcentral University
Awais M, Gill A (2016) Enterprise IT Governance: Back to Basics
Bashaija W, Namusonge GS, Ndabaga E (2017) Effects of governance on financial stability of micro finance institutions in Rwanda. Eur J Soc Sci 55(4):384–391
Becker J, Bailey E (2014) A comparison of IT governance & control frameworks in cloud computing
Bernroider EW (2008) IT governance for enterprise resource planning supported by the DeLone–McLean model of information systems success. Inf Manag 45(5):257–269
Berthing HH (2013) Cloud governance: benefits and value from cloud service & security. In: 7th annual european grc summit: governance, risk management, compliance and IT-securuty
Bevir M (2013) A theory of governance
Bianchi IS, Sousa RD (2016) IT Governance mechanisms in higher education. Procedia Comput Sci 100:941–946
Borja S, Kim K, Yoon H, Hwang J (2018) IT governance effectiveness and its influence on innovation product and process. In: 2018 Portland international conference on management of engineering and technology (PICMET) (pp. 1–8). IEEE
Bounagui Y, Hafiddi H, Mezrioui A (2015) Requirements definition for a holistic approach of cloud computing governance. In: 2015 IEEE/ACS 12th international conference of computer systems and applications (AICCSA) (pp. 1–8). IEEE
Bounagui Y, Mezrioui A, Hafiddi H (2019) Toward a unified framework for cloud computing governance: an approach for evaluating and integrating IT management and governance models. Comput Stand Interfaces 62:98–118
Branco T, Bianchi I, de Sá-Soares F (2019) Cloud computing adoption in the government sector in Brazil: an exploratory study with recommendations from IT managers. In” Green, pervasive, and cloud computing: 14th international conference, GPC 2019, Uberlândia, Brazil, May 26–28, 2019, Proceedings 14 (pp. 162–175). Springer International Publishing
Chau DC, Ngai EW, Gerow JE, Thatcher JB (2020) The effects of business–IT strategic alignment and it governance on firm performance: a moderated polynomial regression analysis. MIS Q. 44(4)
Çubuk EB, Zeren HE, Demirdöven B (2023) The role of data governance in cybersecurity for E-municipal services: implications from the case of Turkey. In: Handbook of research on cybersecurity issues and challenges for business and FinTech applications (pp 410–425). IGI Global
Dahiyat SE (2015) An integrated model of knowledge acquisition and innovation: examining the mediation effects of knowledge integration and knowledge application. Int J Learn Chang 8(2):101–135
De Haes S, Van Grembergen W, De Haes S, Van Grembergen W (2015) Enterprise governance of IT. Springer International Publishing
De Haes S, Van Grembergen W, Joshi A, Huygh T (2019) Enterprise governance of information technology: Achieving alignment and value in digital organizations. Springer International Publishing, Germany
De Haes S, Van Grembergen W, Joshi A, Huygh T, De Haes S, Van Grembergen W, Joshi A, Huygh T (2020) COBIT as a framework for enterprise governance of IT. Enterprise Governance of Information Technology: Achieving Alignment and Value in Digital Organizations. 125–62
da Silva HC, Dornelas JS, Araújo MA (2022) Strategic role of IT and IT governance mechanisms for the context of small and medium enterprises. Iberoamerican J Entrepreneurship Small Bus 11(1):e2051–e2051
DeLone WH, McLean ER (2003) The DeLone and McLean model of information systems success: a ten-year update. J Manag Inf Syst 19(4):9–30
Diamantopoulos A, Winklhofer HM (2001) Index construction with formative indicators: an alternative to scale development. J Mark Res 2:269–277
Elizabeth Abraham S (2012) Information technology, an enabler in corporate governance. Corp Gov Int J Bus Soc 12(3):281–291
Eriani ID (2019) The effect of IT investment on financial performance (case study on manufacturing sector companies listed on IDX year 2013–2016). Am J Humanit Soc Sci Res. 3(5)
Ershadi MJ, Niaki STA, Sadeghee R (2019) Evaluation and improvement of service quality in information technology department of a detergent production company using the SERVQUAL approach. Int J Serv Oper Manag 34(2):228–240
Fernández-Mesa A, Luis Ferreras-Mendez J, Alegre J, Chiva R (2014) IT competency and the commercial success of innovation. Ind Manag Data Syst 114(4):550–567
Girn S (2022) A data driven approach to board cybersecurity governance. In: Pacific Asia conference on information systems. AIS
Govindaraju R, Akbar R, Suryadi K (2018) IT Infrastructure transformation and its impact on IT capabilities in the cloud computing context. Int J Electr Eng Inform 10(2)
Gu B, Xue L, Ray G (2008) IT governance and IT investment performance: an empirical analysis. Available at SSRN 1145102
Gupta A, Gupta N (2022) Research methodology. SBPD Publications
Hair JF (2013) Using the SmartPLS Software Assessment of Measurement Models, ‖ Sage, prentice hall
Hair Jr JF, Hult GT, Ringle CM, Sarstedt M (2021) A primer on partial least squares structural equation modeling (PLS-SEM). Sage publications
Hamdan A, Khamis R, Anasweh M, Al-Hashimi M, Razzaque A (2019) IT governance and firm performance: empirical study from Saudi Arabia. SAGE Open 9(2):2158244019843721
Han JH, Wang Y, Naim M (2017) Reconceptualization of information technology flexibility for supply chain management: an empirical study. Int J Prod Econ 187:196–215
Henriques D, Pereira R, Almeida R, Da Silva MM (2020) IT governance enablers. Фopcaйт 14(1):48–59
Héroux S, Fortin A (2018) The moderating role of IT-business alignment in the relationship between IT governance, IT competence, and innovation. Inf Syst Manag 35(2):98–123
Huang K, Madnick S, Zhang F, Siegel M, Huang K, Madnick S, Zhang F, Siegel M (2022) Varieties of public–private co-governance on cybersecurity within the digital trade: implications from Huawei’s 5G. J Chin Gov 7(1):81–110
Huu Nguyen A, Thuy Doan D, Ha Nguyen L (2020) Corporate governance and agency cost: empirical evidence from Vietnam. J Risk Financ Manag 13(5):103
Ilmudeen A (2022) Information technology (IT) governance and IT capability to realize firm performance: enabling role of agility and innovative capability. Benchmarking Int J. 29(4):1137–1161
ITGI I (2007) COBIT 4.1: control objectives, management guidelines, maturity models. Rolling Meadows: ITGI
Juiz C, Guerrero C, Lera I (2014) Implementing good governance principles for the public sector in information technology governance frameworks. Open J Acc
Karkošková S, Feuerlicht G (2016) Cloud computing governance lifecycle. Acta Informatica Pragensia 5(1):56–71
Kastouni MZ, Lahcen AA (2022) Big data analytics in telecommunications: governance, architecture and use cases. J King Saud Univ Comput Inf Sci 34(6):2758–2770
Kaydos W (2020) Operational performance measurement: increasing total productivity. CRC Press
Khalil S, Fernandez V, Fautrero V (2016) Cloud impact on IT governance. In: 2016 IEEE 18th conference on business informatics (CBI) (Vol 1, pp 255–261). IEEE
Khan S, Nicho M, Takruri H (2016) IT controls in the public cloud: Success factors for allocation of roles and responsibilities. J Inf Technol Case Appl Res 18(3):155–180
Khori T (2019) Assessing the implementation of the king III internal auditing reporting guidelines at universities of technology in South Africa
Kjaer AM (2023) Feb Governance. John Wiley & Sons
Koeleh GZ (2021) The role of big data for marketing opportunities in the South African telecoms market (Doctoral dissertation, Dublin, National College of Ireland)
Kosasi S, Yuliani ID (2017) Sep enhancing online business marketing to expand market shares through IT governance. In: 2017 4th international conference on electrical engineering, computer science and informatics (EECSI) 19 (pp. 1–5). IEEE
Lazic M, Heinzl A, Neff A (2011) IT Governance impact model: how mature IT governance affects business performance
Leclercq-Vandelannoitte A (2017) An ethical perspective on emerging forms of ubiquitous IT-based control. J Bus Ethics 142(1):139–154
Lehner OM, Ittonen K, Silvola H, Ström E, Wührleitner A (2022) Artificial intelligence based decision-making in accounting and auditing: ethical challenges and normative thinking. Acc Audit Account J 35(9):109–135
Lei X, Liao X, Huang T, Li H (2014) Cloud computing service: the caseof large matrix determinant computation. IEEE Trans Serv Comput 8(5):688–700
Levstek A, Hovelja T, Pucihar A (2018) IT governance mechanisms and contingency factors: towards an adaptive IT governance model. Organizacija 51(4):286–310
Liebe JD, Thomas O, Jahn F, Kücherer C, Esdar M, Weiß JP, Hüsers J, Hübner U. Zwischen Schattendasein (2017) Governance und Entrepreneurship-Eine empirische Bestandsaufnahme zum Professionalisierungsgrad des IT-Managements in deutschen Krankenhäusern.
Lunardi GL, Becker JL, Maçada AC, Dolci PC (2014) The impact of adopting IT governance on financial performance: an empirical analysis among Brazilian firms. Int J Account Inf Syst 15(1):66–81
Luna-Reyes L, Juiz C, Gutierrez-Martinez I, Duhamel FB (2020) Exploring the relationships between dynamic capabilities and IT governance: implications for local governments. Transform Gov People Process Policy 14(2):149–169
Maleh Y, Sahid A, Belaissaoui M, editors (2019) Strategic IT governance and performance frameworks in large organizations. IGI Global
Martinsons M, Davison R, Tse D (1999) The balanced scorecard: a foundation for the strategic management of information systems. Decis Support Syst 25(1):71–88
Mertens M, De Haes S, Huygh T (2020) Risks and mitigating controls. Routledge Companion Manag Digit Outsourcing 6:269
Mikalef P, Boura M, Lekakos G, Krogstie J (2020) The role of information governance in big data analytics driven innovation. Inf Manag 57(7):103361
Mikalef P, Pateli A, van de Wetering R (2016) IT flexibility and competitive performance: the mediating role of IT-enabled dynamic capabilities
Moghadasi M, Mousavi SM, Fazekas G (2018) Cloud computing auditing. Int J Adv Comput Sci Appl. 9(12)
Mulyana R, Rusu L, Perjons E (2022) IT Governance mechanisms that influence digital transformation: a delphi study in indonesian banking and insurance industry. In: Pacific Asia conference on information systems (PACIS), AI-IS-ASIA (Artificial intelligence, information systems, in Pacific Asia), Virtual Conference 2022. Association for information systems (AIS).
Paparova D, Aanestad M, Vassilakopoulou P, Bahus MK (2023) Data governance spaces: the case of a national digital service for personal health data. Inf Organ 33(1):100451
Prasad A, Green P, Heales J (2014) On governance structures for the cloud computing services and assessing their effectiveness. Int J Acc Inf Syst 15(4):335–356
Prasad A, Green P (2015) Governing cloud computing services: reconsideration of IT governance structures. Int J Acc Inf Syst 19:45–58
Pucihar A, Ravesteijn MK, Seitz J, Bons R (2018) Designing an adaptive and sustainable ITG model for SMEs. In: 31ST Bled eConference digital transformation: meeting the challenges (p. 697).
Raymond L, Bergeron F, Croteau AM, Uwizeyemungu S (2019) Determinants and outcomes of IT governance in manufacturing SMEs: a strategic IT management perspective. Int J Account Inf Syst 35:100422
Robinson N (2005) IT excellence starts with governance. J Invest Compliance 6(3):45–49
Salehi F, Abdollahbeigi B, Sajjady S (2021) Impact of effective IT governance on organizational performance and economic growth in Canada. Asian J Econ Financ Manag. 58–63
Scharrer E, Ramasubramanian S (2021) Quantitative research methods in communication: The power of numbers for social justice. Routledge
Schmidt PJ, Wood JT, Grabski SV (2016) Business in the cloud: research questions on governance, audit, and assurance. J Inf Syst 30(3):173–189
Schniederjans MJ, Hamaker JL, Schniederjans AM (2010) Information technology investment: decision-making methodology. World Scientific Publishing Company
Shang S, Seddon PB (2002) Assessing and managing the benefits of enterprise systems: the business manager’s perspective. Inf Syst J 12(4):271–299
Sharma AK (2018) Governance: the concept and its dimensions. Indian J Public Adm 64(1):1–4
Shokouhyar S, Zarrin S, Shokoohyar S (2020) Analysing the impact of IT governance on the performance of project-based organisations. Int J Bus Syst Res 14(4):411–433
Singh SK, Gupta S, Busso D, Kamboj S (2021) Top management knowledge value, knowledge sharing practices, open innovation and organizational performance. J Bus Res 128:788–798
Sirisomboonsuk P, Gu VC, Cao RQ, Burns JR (2018) Relationships between project governance and information technology governance and their impact on project performance. Int J Project Manag 36(2):287–300
Sohaib O, Naderpour M (2017) Decision making on adoption of cloud computing in e-commerce using fuzzy TOPSIS. In: 2017 IEEE international conference on fuzzy systems (FUZZ-IEEE) (pp. 1–6). IEEE
Tabach A, Croteau AM (2017) Configurations of Information technology governance practices and business unit performance. Int J IT/Bus Alignment Gov (IJITBAG) 8(2):1–27
Taleb N, Mohamed EA (2020) Cloud computing trends: a literature review. Acad J Interdiscip Stud. 9(1)
Tallon PP, Ramirez RV, Short JE (2013) Dec the information artifact in IT governance: toward a theory of information governance. J Manag Inf Syst 30(3):141–178
Taouab O, Issor Z (2019) Firm performance: definition and measurement models. Eur Sci J 15(1):93–106
Tripathi A, Parihar B (2011) E-governance challenges and cloud benefits. In: 2011 IEEE international conference on computer science and automation engineering (Vol. 1, pp. 351–354). IEEE
Vejseli S, Proba D, Rossmann A, Jung R (2018) The agile strategies in IT Governance: towards a framework of agile IT Governance in the banking industry. In: Twenty-sixth European conference on information systems (ECIS 2018) (pp. 1–17). University of Portsmouth
Vithayathil J (2018) Will cloud computing make the Information Technology (IT) department obsolete? Inf Syst J 28(4):634–649
Weill P, Broadbent M (1998) Leveraging the new infrastructure: how market leaders capitalize on information technology. Harvard Business Press
Wilkin CL, Couchman PK, Sohal A, Zutshi A (2016) Exploring differences between smaller and large organizations’ corporate governance of information technology. Int J Acc Inf Syst 22:6–25
Wu SP, Straub DW, Liang TP (2015) How information technology governance mechanisms and strategic alignment influence organizational performance. MIS Q 39(2):497–518
Zhang P, Zhao K, Kumar RL (2016) Impact of IT governance and IT capability on firm performance. Inf Syst Manag 33(4):357–373
Zvavahera P, Ndoda GR (2014) Corporate governance and ethical behaviour: the case of the Zimbabwe broadcasting corporation. J Acad Bus Ethics 9:1
Acknowledgements
Not applicable.
Funding
No funding.
Author information
Authors and Affiliations
Contributions
HMN developed the research framework, participated in collecting data and analyzing data and was a major contributor to writing the manuscript. HMK and AEAN developed the idea of the research, wrote the methodology section and participated in collecting data. All authors read and approved the final manuscript.
Corresponding author
Ethics declarations
Ethics approval and consent to participate
Not applicable.
Consent for publication
Not applicable.
Competing interests
The authors declare that they have no competing interests.
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendices
Appendix 1: Questionnaire
Dears,
We are conducting a study to explore the impact of IT/ data governance mechanisms with governance of information technology mechanisms on performance of information technology business unit performance.
Because we are strongly value your views on IT/data governance, we have carefully prepared a questionnaire on this subject. we believe that responding to the questionnaire should not take more than 25 minutes of your valuable time. It would be greatly appreciated if your duly filled questionnaire could be returned to me by this month using the enclosed envelope.
We also need the input on the subject from one of the business unit leaders within your organization. Since we do not know his/her name, we would kindly ask you to forward the attached Business unit performance questionnaire to his/her attention. This survey is a critical part of the dissertation required for the completion of my doctoral studies. Therefore, your participation and the one from your colleague are essential for better understanding the relationships under study. Please rest assured that the data collected will remain private and confidential and will be used solely for this research project. The identity of all participants will be protected at all times.
Note that the completion of this questionnaire will be regarded as your consent to participate in this research study. Having both questionnaires filled will enable me to generate a customized executive summary of the results of this survey which I will be glad to send to you if you provide me with a business card in the return envelope or if you send me an email. To keep your responses confidential and anonymous, please do not identify yourself on the survey. I thank you in advance and look forward for your answers.
Section A: IT governance practices
Using the provided scale, please rate the following dimensions related to IT governance structures within your firm by selecting the number that best represents your opinion about its status. Level 1 indicates “Very Ineffective” whereas level 5 refers to “Very Effective”.
Within my organization, the …… | Very ineffective | Ineffective | Marginally effective | Effective | Very effective | |
|---|---|---|---|---|---|---|
S1 | IT strategy committee, which is at the board of directors’ level with a role to oversee and approve the IT strategy, is | 1 | 2 | 3 | 4 | 5 |
S2 | IT expertise at level of board of directors have expertise and experience regarding the value and risk of IT is | 1 | 2 | 3 | 4 | 5 |
S3 | (IT) audit committee at level of board of directors overviewing (IT) assurance activities is | 1 | 2 | 3 | 4 | 5 |
S4 | CIO as a full member of the executive committee is | 1 | 2 | 3 | 4 | 5 |
S5 | CIO (Chief Information Officer) reporting to CEO (Chief Executive Officer) and/or COO (Chief Operational Officer) is | 1 | 2 | 3 | 4 | 5 |
S6 | IT steering committee for determining business priorities in IT investments, & implementation, tracking IT investments is | 1 | 2 | 3 | 4 | 5 |
S7 | IT governance function/officer for promoting, driving and managing IT governance processes is | 1 | 2 | 3 | 4 | 5 |
S8 | Security/compliance/risk officer | 1 | 2 | 3 | 4 | 5 |
S9 | IT project steering committee | 1 | 2 | 3 | 4 | 5 |
S10 | IT security steering committee | 1 | 2 | 3 | 4 | 5 |
S11 | Architecture steering committee | 1 | 2 | 3 | 4 | 5 |
S12 | Integration of governance/alignment tasks in roles & responsibilities | 1 | 2 | 3 | 4 | 5 |
Section B: data governance of cloud computing practices
Using the provided scale, please rate the following dimensions related to data governance structures within your firm by selecting the number that best represents your opinion about its status. Level 1 indicates “Very Ineffective” whereas level 5 refers to “Very Effective”.
Within my organization, the …… | Very ineffective | Ineffective | Marginally effective | Effective | Very effective | |
|---|---|---|---|---|---|---|
cs1 | Chief cloud officer | 1 | 2 | 3 | 4 | 5 |
cs2 | Cloud management committee | 1 | 2 | 3 | 4 | 5 |
cs3 | Cloud service facilitation center | 1 | 2 | 3 | 4 | 5 |
cs4 | Cloud relationship center | 1 | 2 | 3 | 4 | 5 |
cs5 | Cloud Management Working Group | 1 | 2 | 3 | 4 | 5 |
cs6 | Cloud Center of Excellence (CCoE) | 1 | 2 | 3 | 4 | 5 |
cs7 | Cloud Computing Governance Board | 1 | 2 | 3 | 4 | 5 |
cs8 | Cloud Computing Governance Development Team | 1 | 2 | 3 | 4 | 5 |
cs9 | Cloud Computing Governance Operation | 1 | 2 | 3 | 4 | 5 |
Section C: IT governance practices
Using the following scale, please rate the following dimensions related to IT governance processes. Please select the number that best represents your opinion about its status within your firm.
IT governance maturity model |
|---|
1 Initial—Early evidence that the organization knows there is an ITG process issue that needs addressing and has started out with either non-standard or ad-hoc processes |
2 Repeatable—Processes have been developed and implemented to the extent that similar procedures are followed by different people undertaking the same task |
3 Defined—People using the now defined and documented procedures are trained, but it is still an individual’s responsibility to follow the procedure: it is unlikely to be detected if they do not |
4 Managed—Compliance can be monitored and measured for effectiveness and continuous improvement. Automation and tools are used in a limited and fragmented way |
5 Optimized—Processes are now defined and documented based on best practice, continuous improvement and maturity modelling. Business and IT planning are integrated and automated, providing workflows and tools to enhance practice, as well as governance efficiency and effectiveness |
0 Non-existent—No obvious or recognizable processes. The issue and requirement have yet to be identified |
Within my organization, the …… | Initial | Repeatable | Defined | Managed | Optimized | |
|---|---|---|---|---|---|---|
P1 | Strategic information systems planning | 1 | 2 | 3 | 4 | 5 |
P2 | IT performance measurement (e.g., IT balanced scorecard) | 1 | 2 | 3 | 4 | 5 |
P3 | Portfolio management (incl. business cases, information economics, return on investment (ROI), payback) | 1 | 2 | 3 | 4 | 5 |
P4 | Charge back arrangements—total cost of ownership (e.g., activity-based costing) | 1 | 2 | 3 | 4 | 5 |
P5 | Service level agreements | 1 | 2 | 3 | 4 | 5 |
P6 | IT governance framework control objectives for information and related technologies (COBIT) | 1 | 2 | 3 | 4 | 5 |
P7 | IT governance assurance and self-assessment | 1 | 2 | 3 | 4 | 5 |
P8 | Project governance/Management methodologies | 1 | 2 | 3 | 4 | 5 |
P9 | IT budget control and reporting | 1 | 2 | 3 | 4 | 5 |
P10 | Benefits management and reporting | 1 | 2 | 3 | 4 | 5 |
P11 | Committee of sponsoring organizations (COSO)/enterprise risk management (ERM) | 1 | 2 | 3 | 4 | 5 |
Section D: Data governance of cloud computing practices
Using the following scale, please rate the following dimensions related to data governance processes. Please select the number that best represents your opinion about its status within your firm.
Cloud governance maturity model |
|---|
1 Initial—Missing or inadequate cloud computing governance practices and processes, which are ad hoc, inconsistent and depends on experience of the head of IT department who recognized that cloud computing governance need to be addressed |
2 Repeatable—Cloud computing governance policies and processes are defined and implemented by individual managers with senior management involvement and oversight. Business/IT committee is about to formalize. Roles and responsibilities are not explicitly defined. Cloud computing governance policies are not properly communicated |
3 Defined—Cloud computing governance policies and governed processes are standardized, implemented, documented and communicated through formal training. There is a clear understanding of roles and responsibilities. Governing processes are not fully implemented and therefore deviations of governed process are not detected. Business/IT committee cooperates in deciding on business and cloud computing goals |
4 Managed—A set of cloud computing governance performance indicators and metrics is set to measure compliance. Cloud computing governance processes are monitored and evaluated based on statistical and quantitative techniques. Governance processes operate within defined limits. Improvement of cloud computing governance in based on quantitative measures. Cloud computing goals align with business goals so cloud computing governance supports creation of business value through realization of benefits from the use of cloud computing services |
5 Optimized—Cloud computing governance is part of enterprise governance. Cloud computing governance is optimized, continuously improved and adapted to particular environment. Business/IT committee coordinates and plans business goals and cloud computing goals, business strategy and cloud computing strategy and jointly decide on investments |
0 Non-existent—Cloud computing governance is not implemented. There are no cloud computing governance processes. No recognized need to address cloud computing governance |
Within my organization, the …… | Initial | Repeatable | Defined | Managed | Optimized | |
|---|---|---|---|---|---|---|
CP1 | Cloud performance measurement | 1 | 2 | 3 | 4 | 5 |
CP2 | Cloud governance & Management Processes | 1 | 2 | 3 | 4 | 5 |
CP3 | Cloud Portfolio Management (CPM) | 1 | 2 | 3 | 4 | 5 |
CP4 | Strategic planning for cloud | 1 | 2 | 3 | 4 | 5 |
CP5 | Cloud Service alignment | 1 | 2 | 3 | 4 | 5 |
CP6 | Benefits Management of Cloud Computing | 1 | 2 | 3 | 4 | 5 |
CP7 | CLOUD Governance maturity model | 1 | 2 | 3 | 4 | 5 |
CP8 | Cloud SLA—Including quality of service and quality of process (QoS, QoP) | 1 | 2 | 3 | 4 | 5 |
Section E: IT governance practices
Using the provided scale, please rate the following dimensions related to IT governance relational mechanisms within your firm by selecting the number that best represents your opinion about its status. Level 1 indicates “Very Ineffective” whereas level 5 refers to “Very Effective”.
Within my organization, the …… | Very ineffective | Ineffective | Marginally effective | Effective | Very effective | |
|---|---|---|---|---|---|---|
R1 | Job-rotation | 1 | 2 | 3 | 4 | 5 |
R2 | Business/IT Co-location | 1 | 2 | 3 | 4 | 5 |
R3 | Cross-functional business/IT training and learning | 1 | 2 | 3 | 4 | 5 |
R4 | Knowledge management (on IT governance) | 1 | 2 | 3 | 4 | 5 |
R5 | Business/IT account management | 1 | 2 | 3 | 4 | 5 |
R6 | Executive/senior management giving the good example | 1 | 2 | 3 | 4 | 5 |
R7 | Informal meetings between business and IT executive/ senior management | 1 | 2 | 3 | 4 | 5 |
R8 | IT leadership | 1 | 2 | 3 | 4 | 5 |
R9 | Corporate internal communication addressing IT on a regular basis | 1 | 2 | 3 | 4 | 5 |
R10 | IT governance awareness campaigns | 1 | 2 | 3 | 4 | 5 |
P11 | COSO/ERM | 1 | 2 | 3 | 4 | 5 |
Section F: Data governance of cloud computing practices
Using the provided scale, please rate the following dimensions related to data governance relational mechanisms within your firm by selecting the number that best represents your opinion about its status. Level 1 indicates “Very Ineffective” whereas level 5 refers to “Very Effective”.
Within my organization, the …… | Very ineffective | Ineffective | Marginally effective | Effective | Very effective | |
|---|---|---|---|---|---|---|
CP1 | Knowledge Management on (Cloud governance) | 1 | 2 | 3 | 4 | 5 |
CP2 | Building Trust | 1 | 2 | 3 | 4 | 5 |
CP3 | Partner-based knowledge sharing | 1 | 2 | 3 | 4 | 5 |
Part II: Business unit performance questionnaire
This questionnaire is aimed at the IT Business Unit Leader or IT Senior Manager of the Business Units within your organization.
Object: Business unit performance
Section A: Business unit non-financial performance
Using the provided scale, please indicate your perception of the following dimensions related to non-financial performance within your business unit. Level 1 indicates “Very Low” whereas level 5 refers to “Very High.
Within my organization, the …… | Very low | Low | Medium | High | Very high | |
|---|---|---|---|---|---|---|
D1 | The speed of decisions that are made within my business unit is | 1 | 2 | 3 | 4 | 5 |
D2 | The accessibility of information when decisions are made is | 1 | 2 | 3 | 4 | 5 |
D3 | The accuracy of available information when decisions are made is | 1 | 2 | 3 | 4 | 5 |
D4 | The availability of strategic alternatives before decisions are made is | 1 | 2 | 3 | 4 | 5 |
D5 | Consensus with other decision makers pertaining to a business unit outcome is | 1 | 2 | 3 | 4 | 5 |
B1 | Usage of objective criteria and systematic analysis in making decisions within my business unit is | 1 | 2 | 3 | 4 | 5 |
B2 | To what extent the employee satisfaction level with the business processes is | 1 | 2 | 3 | 4 | 5 |
B3 | The degree to which the delivered outcomes from our business processes are compliant with the business requirements is | 1 | 2 | 3 | 4 | 5 |
B4 | The satisfaction with the resource allocation among our business processes is | 1 | 2 | 3 | 4 | 5 |
B5 | The cost optimization level of our business processes is | 1 | 2 | 3 | 4 | 5 |
B6 | The satisfaction level of degree of improvement in the speed of reporting and getting feedback | 1 | 2 | 3 | 4 | 5 |
F1 | The flexibility to create new services is | 1 | 2 | 3 | 4 | 5 |
F2 | The satisfaction level of the percentage of resources dedicated to planning and investigating IS activities | 1 | 2 | 3 | 4 | 5 |
F3 | The satisfaction level of the Number of new IT services integrated | 1 | 2 | 3 | 4 | 5 |
F4 | The satisfaction level of the processing efficiency of systems | 1 | 2 | 3 | 4 | 5 |
F5 | the satisfaction level of new initiatives and/or improved services /upgrades offered in key IT areas | 1 | 2 | 3 | 4 | 5 |
F6 | The satisfaction level with the volume flexibility within my business unit | 1 | 2 | 3 | 4 | 5 |
F7 | The potential to create new services/products by my business unit | 1 | 2 | 3 | 4 | 5 |
F8 | The potential to distribute a variety of information over any technological platform | 1 | 2 | 3 | 4 | 5 |
F9 | To what extent your business unit “technological component” is capable of coordinating and communicating with any other components within the enterprise as well as with the external environment | 1 | 2 | 3 | 4 | 5 |
F10 | To what extent your business unit has the ability to standardize business processes in order for it to be shared and reused | 1 | 2 | 3 | 4 | 5 |
Please keep using the same scale as provided in the previous section.
Within my organization, the …… | Very low | Low | Medium | High | Very High | |
|---|---|---|---|---|---|---|
I1 | The impact of innovation in the design of the services on lowering costs within my business unit in the last year? | 1 | 2 | 3 | 4 | 5 |
I2 | The impact of innovation changes in quality management on lowering costs within my business unit in the last year? | 1 | 2 | 3 | 4 | 5 |
I3 | The impact of innovation on enhancing existing services produced by my business unit within the last year | 1 | 2 | 3 | 4 | 5 |
I4 | The impact of innovation on creating new services produced by my business unit within the last year? | 1 | 2 | 3 | 4 | 5 |
I5 | The impact of innovation on creating better customer service by my business unit within the last year | 1 | 2 | 3 | 4 | 5 |
I6 | The impact of innovation on Number of ideas submitted by employees (over 30, 60, 90 days) | 1 | 2 | 3 | 4 | 5 |
I7 | The impact of innovation on Adding benefits to existing services, either for new or existing customers | 1 | 2 | 3 | 4 | 5 |
I8 | The impact of innovation on Implementation of new or improved procedures regarding service distribution | 1 | 2 | 3 | 4 | 5 |
L1 | The level of security awareness within my business unit | 1 | 2 | 3 | 4 | 5 |
L2 | The degree of completeness, comprehensiveness and availability of information security policies and procedures | 1 | 2 | 3 | 4 | 5 |
L3 | What is the number of detected unethical behaviors within the business unit (such as visiting non-work-related websites, or printing large personal documents)? | 1 | 2 | 3 | 4 | 5 |
L4 | The level of compliance with IT Organizational requirements | 1 | 2 | 3 | 4 | 5 |
L5 | What is the mitigation level when IT risks are not complied with? | 1 | 2 | 3 | 4 | 5 |
L6 | What is the level of compliance with IT Organizational requirements (as per your audit reports)? | 1 | 2 | 3 | 4 | 5 |
Section B: Business unit financial performance
Using the provided scale, please indicate your perception of the following dimensions related to financial performance within your business unit. Level 1 indicates “Very Low” whereas level 5 refers to “Very High”.
Within my organization, the …… | Very low | Low | Medium | High | Very high | |
|---|---|---|---|---|---|---|
F1 | The ratio of IT costs to company costs | 1 | 2 | 3 | 4 | 5 |
F2 | The ratio of estimated costs to actual costs | 1 | 2 | 3 | 4 | 5 |
F3 | The ratio of Estimated advantages to actual advantages | 1 | 2 | 3 | 4 | 5 |
F4 | Income resulting from IT-based products and services | 1 | 2 | 3 | 4 | 5 |
F5 | Evaluating accountability to customer quality of services and products evaluating the degree of innovation managers' understanding of information systems (IS) | 1 | 2 | 3 | 4 | 5 |
F6 | The percentage of total decrease of costs | 1 | 2 | 3 | 4 | 5 |
F7 | The inability degree to integrate business and IT units | 1 | 2 | 3 | 4 | 5 |
F8 | IT budget as a percentage versus total enterprise budget | 1 | 2 | 3 | 4 | 5 |
F9 | Changes in IT budget allocations | 1 | 2 | 3 | 4 | 5 |
Appendix 2
See Table 6.
Appendix 3
See Table 7.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
About this article
Cite this article
Naguib, H.M., Kassem, H.M. & Naem, A.EH.M.A. The impact of IT governance and data governance on financial and non-financial performance. Futur Bus J 10, 15 (2024). https://doi.org/10.1186/s43093-024-00300-0
Received:
Accepted:
Published:
DOI: https://doi.org/10.1186/s43093-024-00300-0