Research Article

International Journal of Engineering

Business Management
Volume 9: 18
Understating value characteristics The Author(s) 2017
DOI: 10.1177/1847979017703779
toward a robust IT governance journals.sagepub.com/home/enb

application in private organizations

using COBIT framework

Firas M Alkhaldi1, Samir Marwan Hammami2,

and Mohammed Ahmar Uddin3

Abstract
This research is an inquiry of Control Objectives for Information and Related Technologies (COBIT) as a high-level
governance and control framework which was proposed by ITGI by providing incite and statistical evidence investigating
whether ITGI pillars can be accounted for the same IT governance dimension. The data were collected via a questionnaire
distributed to 40 private organizations in the Middle East, comprising a sample size of 179 respondents of strategic- and
tactical-level managers. To investigate the research questions, the researchers apply an exploratory and confirmatory
factor analyses using EQS 6.3 and SPSS 21. The findings of the research indicate that there is an awareness of the nature of
the relationship that IT governance has with its various factors as suggested by the COBIT framework: business/IT
alignment, IT value delivery, IT resource management, IT risk management and IT performance. The findings also revealed
that IT risk management is the leading indicator in explaining the IT governance application behavior. The validated
model of ITGOV shows that IT business alignment has the least significant impact on the study sample. The overall
results illustrate the needs and the imperatives of the model factors in achieving a better understanding of the charac-
teristic value of the ITGOV applications using the COBIT framework as suggested by ITGI.

Keywords
IT governance, COBIT, IT business alignment, IT value delivery, business value delivery, resource allocation, IT risks
management, performance measurement, explanatory factor analysis, confirmatory factor analysis

Date received: 3 August 2016; accepted: 11 March 2017

Introduction and talented people are rare. Governance is seen as the

Governance can be defined as an economic, political, and
administrative authority to manage a communitys affairs at
all levels. It encompasses the mechanisms, processes, and
institutions through which community members and groups
articulate their interests, exercise their legal rights, meet their
obligations, and mediate their differences.1 Proper imple-
mentation of IT governance can improve accountability,
transparency, participation, and predictability. According
to Luftman,2 organizations that dont have a good IT gov-
ernance model dissipate valuable resources, capital, time,
and human in an era where both time and capital are scares,
application of moral business conduct by executives in the
process of making earnest decisions, as a means of
1
Amman Arab University, Business College, Amman, Jordan
2
Dhofar University, College of Commerce and Business Administration,
Department of Management Information Systems, Salalah, Oman
3
Dhofar University, College of Commerce and Business Administration,
Department of Accounting and Finance, Salalah, Oman
Corresponding Author:
Samir Marwan Hammami, Dhofar University, 2509, Salalah, Oman.
Emails: samir@du.edu.om; samir.hammami@gmail.com

Creative Commons CC BY: This article is distributed under the terms of the Creative Commons Attribution 3.0 License
(http://www.creativecommons.org/licenses/by/3.0/) which permits any use, reproduction and distribution of the work without
further permission provided the original work is attributed as specified on the SAGE and Open Access pages (https://us.sagepub.com/en-us/nam/
open-access-at-sage).
2 International Journal of Engineering Business Management
delivering direction to the firm. Governance was defined as
a set of responsibilities and practices exercised by the
board and executive management with the goal of provid-
ing strategic direction, ensuring that objectives are
achieved, ascertaining that risks are managed appropri-
ately and verifying that enterprises resource is used
responsibly.3 Good governance should allow effective
monitoring and efficient use of organization resources.
IT governance
(Weill & Ross, 2004) defined IT governance as IT gov-
ernance represents the framework for decision rights and
accountabilities to encourage desirable behavior in the use
of IT they introduce the difference between IT Manage-
ment and IT governance where management is about what
specific decisions are made by applying a systematic decid-
ing process by giving the decision rights to the right
people.4 To attain the proper corporate performance objec-
tives, sound IT governance capitalizes on the business gov-
ernance values to run and utilize IT. The definition remains
coherent with a recent clarification by Boynton et al.,5 sug-
gesting that IT governance is in the place, delivery, and
configuration of managerial duties and manage that even-
tually will impact how IT assets are used and realized. IT
governance in general terms also encompasses the process
of forming measurement and control tools to empower
individuals roles and accomplish their IT tasks and respon-
sibilities. The objective of IT governance is to guarantee
the results of a firms business processes that realize its
strategic requirements, and this is precisely what IT gov-
ernance strives to achieve. As far as this research is con-
cerned, IT governance constructs the transparency to
secure business goals.6 It is argued that applying IT gov-
ernance in organizations will lead to achieving lucidity
between the business strategy and its IT initiatives. Also,
it helps in creating and depicting the links between business
goals and IT goals, providing transparency in the prepara-
tion of an IT business project, and thus improving the busi-
ness capabilities, leading to the attainment of agreement on
priorities, and helps in understanding the resources neces-
sary to realize the initiatives.
IT governance framework
Information technology (IT) is the driving managers and
business innovators, challenging to push for more flexible
and efficient systems and business procedures to ensure
their competitive necessity and compliance with the ever
changing desires and principles.7 IT is considered as one of
the most valuable assets in an organization as indicated by
IT Governance Institute (ITGI).3 Based on this realization,
the principles of IT governance are considered as the senti-
ments of enterprises, which result in more use of IT in the
governance of business as a means to competitive advan-
tage.8 By enabling it to operate effectively, invigorated
management nowadays is appreciating the influence of IT
in the success of the organization.9,10
The technology assets strengthen the bet of IT as a way
of achieving sustainable competitive advantage.11 Conse-
quently, IT governance should be reflected through orga-
nizational practices and related decisions to utilize its IT
assets and capabilities.8,12
IT governance objectives
The main objective of IT governance is to manage IT
operations, ensuring performance is maximized and ben-
efits are attained, thereby accomplishing the advantage of
IT investment opportunities. IT governance is about
ensuring that IT assets are utilized sensibly, and IT risks
are avoided or mitigated correctly, and it is also about
involving many organizational staffs as directors, manag-
ers, supervisors, and stakeholders.12 The general goals of
IT governance are designed to appreciate the strategic
value of IT, ensuring that its processes help drive future
strategies needed for its operations.
Information technology governance
framework (COBIT)
Several IT governance frameworks are used worldwide,
each has its strengths and weaknesses in the context of
competitiveness, corporate governance demands, and reg-
ulatory requirements; the frameworks are COBIT, Informa-
tion Technology Infrastructure Library (ITIL), Australian
Standard for Corporate Governance of Information
(AS8015), and CCBF which was introduced by Chang
et al.13 as a new framework for performing cloud comput-
ing business and this is very relevant to IT/business strate-
gic alignment. This trend is also supported by Chang et al.14
by establishing the cloud computing adoption framework
whose security is suitable for business clouds, in addition to
business intelligence as a service (BIaaS). As discussed by
Chang,15 this is used to compute risk and pricing for finan-
cial analysis and stock markets. One of the most successful
IT governance frameworks is COBIT which was intro-
duced by ITGI, which categorizes the control goals and
IT processes that are regularly administrated by IT organi-
zations. For every process, COBIT is intended to deliver a
comprehensive set of activities for each IT course of action
to permit managers to advance business significance or
diminish associated risk, configurations, actions, and
strategies.16
COBIT can assist the organization to understand the
importance of positioning its system, leading to the identi-
fication of the class of supervision and governance required
and needed by the enterprise to deliver such class using
maturity models standards of essential competence
enhancements, performance areas, IT procedures measure-
ment, that help in measuring how these processes meet
business and IT goals based on balanced scorecard
Alkhaldi et al.
principles.10 COBIT as a framework permits executives to
close the difference between control desires, technical mat-
ters, and business risks17 and IT governance support can be
achieved by having a mutual control structure.11
IT governance pillars by COBIT
COBIT enables a rich policy improvement and good exer-
cises for IT control across the organization. It underlines
the regulatory obedience, supports enterprises to escalate
the value achieved from IT, permits placement, and
streamlines the application of the COBIT models. 18
COBIT is designed to be used by the organizations to
accomplish IT audit; consequently, this act will support
the comprehension of business objectives and help in
spreading best practices. Here are a number of ideas that
influence IT governance applications: IT value and align-
ment, accountability, performance measurement (PM),
and risk management (RM). It is essential that each of
these vital elements be examined as an integral to all IT
governance processes.
IT/Business strategic alignment
It is stated that there are limited Management Information
Systems (MIS) studies that explain the value and the nature
of strategic alignment between business goals and IT and
its relation to organizational performance.19
In addition, more research is ongoing in strategic align-
ment model, and its focus is on the linkage between the
organization and its IT strategies; identifying, sustaining,
and authenticating the IT schemes; and bring into line the
IT processes with the organizational activities. IT strategies
are shaped and then formed to fulfill the principal business
goals. Each of the IT strategies must be related to specific
organizational objectives, which include customer contact
management, e-commerce services, or advancing func-
tional promptness with enhanced application integration.
The IT plan can describe the application and provisions for
a new business goal. The fundamental strategic importance
of IT should be affirmed in the activities of the business
leaders, and any influence to override non-IT objectives
should be addressed.2 Moreover, Masadeh et al.20 indi-
cated that IT/business alignment is very imperative for con-
tinuity; and thus, there is a need for an additional
investigation to focus on the leading factors that expand
the understanding of the alignment process with regard to
business performance and its investment in IT projects.
The organizational strategy can be converted into opera-
tional tasks with the support of senior-level managers by
designing IT ventures. Likewise, implementation of IT
strategy must be consistent with the IT principles and
guidelines so that it integrates and aligns with organiza-
tional operations and goals.21
3
Business value delivery
Doherty et al.22 indicated that business value is achieved by
accomplishing value proposition through the business
cycle. The central principles of IT value can be seen as
in-time and budget delivery, leading to the achievement
of the promised benefits. The scope of investment and the
vagueness of the outcome are the fear that top management
has to deal with whenever they start major IT investments.
Business expectations can be achieved by decision-making
managers. The IT accountability of the approved invest-
ments in IT is collectively shared among organizational
designated members,8 taking into consideration that IT
budget and its related venture plan are genuine and cohe-
sive with the financial plans of the organization. Identifying
and acquiring a novel IT solution must be governed with
the rising trend as a model for the organization. The service
levels should be approved and controlled continuously as
needed. Consequently, the significance of IT must always
be evaluated, simplified, and established, proactively pur-
suing new ways to increase the input of IT value23 as well
as the applications of a robust IT project management.
Resource allocation
Ideal investment and proper organization of vital IT assets
confirm the correct distribution of IT resources, lack of
which is the main cause of failure to achieve the highest
level of efficacy of IT resources and also to minimize the
expenditures of these resources in many organizations.11
Moreover, IT systems and services procurement must be
decided and approved, and the management should dis-
close the proper investments regarding infrastructure and
competencies by confirming assigned responsibilities,
ensuring appropriate ways and means, and having suffi-
cient expertise to uphold and care for the IT schemes and
systems Zhang & Harte,24 which are accompanied by a
smart investment in workforce and proper IT-related
human resource planning and recruitment, and a planned
retention scheme of skilled IT staff.2527
Risk management
RM is documented in various learning studies such as in the
study by Drucker28 as the critical essentials in manipulating
the productivity and innovation in an organization, where it
can be seen as the key activities to be implemented in the
organization. RM entails performing risk awareness, risk
understanding, and assessing the organizational desire for
risk. According to Aven,29 understanding risk compliance,
the nature of risks and adapting risk accountabilities mea-
sures are a must to ensure a proper RM.
Performance measurement
Notwithstanding the prominence of PM, there is no com-
monly accepted definition. It is about monitoring,
4 International Journal of Engineering Business Management
evaluating, and reporting achievements to support sound
management, but it can include the more broad concepts
of economy, productivity, efficacy, influence, quality,
safety, and timeliness.30 It has been asserted that PM could
include both separate and cooperative performance and as a
mutual arrangement. PM with COBIT ripostes on how to fit
the IT function in supporting business requirements as in
screening strategy execution, resource utilization, progres-
sion performance, and service delivery. Tools such as
balanced scorecards are used to help translate strategies
into action plans to reach goals that are measurable beyond
general accounting. According to Gerschewski and Xiao,31
efficient and timely measures intended for addressing orga-
nizational concerns must be endorsed via the organizational
governance structure. Therefore, management needs to
spread governance that is already implemented across the
enterprise to IT through an efficient IT governance struc-
ture that focuses on strategic alignment, RM, value delivery
and resource management and PM.27 It has been also
asserted that IT governance is a vital component of the
organizational governance structure, which is built upon
three pillars: leadership, organizational processes, and
structures, ensuring that organizations IT applications are
set to achieve and encompasses the organizations policies
and goals. Also, this requires that IT board of executives
and top management assume all responsibilities and the
application of an IT governance framework.32
Research model and hypotheses
IT governance framework introduced by COBIT comprises
four goals that constitute and direct IT governance: RM,
alignment, PM, and value delivery, where each of these
goals needs to be examined as components of IT govern-
ance applications.
The research model was adopted based on the above
literature, with the objective of discussing and validating
the IT governance (COBIT framework) based on the
selected sample, wherein the hypothesized model selected
the five pillars as proposed, which are raised as research
questions; whether the five pillars can be explained signif-
icantly on the COBIT framework application behavior in
the chosen region and sample, more specifically, are there a
direct valid noteworthy relationship between IT govern-
ance (ITGOV) and value delivery (ITVD), IT/business
alignment (ITBA), resource allocation (ITRESOUR), risk
management (ITRESKM), and performance measurement
(PERFORMA).
Research hypothesis
As discussed in the literature, IT governance activities are
designed for the purpose of confirming that IT potentials
can be attained, IT performance can be optimized, and IT
risks can be avoided or mitigated.
Figure 1. Initial (Hypothesized) model of ITGOV is designed by
authors and generated using EQS 6.3. ITGOV: IT governance.
Therefore, progression of IT governance should be from
the setting of the organizations IT objectives, followed by
the way of establishing routines, following which the per-
formance can be measured and tested against the pro-
claimed goals, leading to redesigning actions where it is
needed and appropriated. The authors develop the proposed
coherent model and formulate the research hypotheses to
provide the statistical validation to confirm that IT govern-
ance pillars proposed by COBIT are explained in one
dimension, which is the first original research that confirms
that these subdimensions are statistically explained for IT
governance framework as suggested by COBIT.
Hypothesis 1. There is a valid and significant relationship
between IT governance and its pillars (goals alignment,
value delivery, resource allocation, risk management, and
performance measurement).
H1a: There is a positive relationship between business
goals alignment and IT governance application.
H1b: There is a positive relationship between delivery
and IT governance application.
H1c: There is a positive relationship between resource
allocation and IT governance application.
H1d: There is a positive relationship between risk man-
agement and IT governance application.
H1e: There is a positive relationship between perfor-
mance measurement and IT governance application.
Methodology and data analysis
This research adopts the positivist research methodology,
based on the need for quantitative data to meet the goals of
this research and to carry out the required data analysis.
Also, the researcher needs to understand the structure of the
study variables and the relation between the variables and
the constructs of the proposed mode. Considering the
advantages and disadvantages of the mail questionnaire
as it is widely known in comparison with other data collec-
tion methods, the study adopted the survey methods to
satisfy the previously mentioned constraint. The data
Alkhaldi et al.
collection tool was developed based on an extensive liter-
ature examination and on utilizing some of the related
existing measures, where initial concepts were conceived.
The key concepts are based on COBIT IT governance
framework which is used to construct the ITGOV charac-
teristics value of model pillars.
Measurement strategy and operationalization of the
model variables
The elements of model variables in this research were oper-
ationalized utilizing meticulous statistical procedures,
beginning with factor analysis moving to internal consis-
tency test, confirmatory factor analysis (CFA), establishing
construct reliability, and summated scale procedures, and,
finally, the outcome variables were analyzed using struc-
tural equation modeling. These statistical procedures are
very common among many researchers. This study adopted
the sequence of statistical methods for multivariate data
analysis presented in Hair et al.33 A summary of the CFA
results, the internal consistency test, and the composite
reliability test is given in Table 1.
Data analysis progression
The authors used sequential statistical techniques to accom-
plish the following research objectives:
 Explanatory factor analysis (EFA) using principle
components analysis with varimax rotation to define
the underlying dimensions.
 Assess scale reliability using the internal consis-
tency measure (Cronbachs a).
 CFA to further validate the result of EFA by estab-
lishing convergent and discriminate validity.
 Assess the composite reliability of the measurement
using the construct reliability arising out of the CFA.
 Creating a summated scale for all variables loading
significantly on one factor by combining several of
these variables into one composite measure.
 Developing a structural model based on the compo-
site measures and linking the hypothesized models
constructs.
 Investigating and providing interpretations of the
results of the structural equation models.
Research sample
A purposeful sample was adopted for the study, by select-
ing 179 respondents representing 40 private organizations
from Arab countries (Middle East) that capitalized heavily
on IT, applications, and tools for their business process and
services delivery.
Each of these companies must fulfill two criteria. First,
the organization must have fully operational information
system, a dedicated IT function, and allocated and utilized
5
Table 1. Explanatory factor analysis results.
Items KMO Loading range TVE Cronbachs a
ITBA (15) 0.82 0.860.70 0.60 0.83
ITVD (15) 0.83 0.820.77 0.63 0.85
ITRESOU (15) 0.81 0.780.67 0.55 0.79
ITRiskM (15) 0.81 0.860.72 0.61 0.84
ITPerfom (15) 0.81 0.830.50 0.54 0.83
KMO: KaiserMeyerOlkin measure of sampling adequacy; TVE: total
variance explained; ITBA: IT business alignment; ITVD: IT value delivery;
ITRiskM: IT risk management; ITPerfma: IT performance.
a sizable IT investment budget. A valid sample data exam-
ine the hypothesized model of the study. A survey ques-
tionnaire was used to collect the required data for the study.
Model validity
The evaluative measures of the quantitative research are
based on some criteria of scientific rigors. The first concern
of the evaluative measures of the quantitative research is the
issue of validity, where validity is manifested as the degree
to which a measure(s) correctly represents the concept of
the study and where validity is concerned with how well the
measure defines the concept. There is no easy, single way to
evaluate the validity of a concept; there is a great variety of
methods for establishing the validity of measuring instru-
ment. The research adopted and utilized the most common
type of validity that is most frequently cited in quantitative
research.33 The model validity was achieved via three tests
of commonly used validity measures.
Content validity refers to whether the scale measures the
concept it is intended to measure. Since a panel of experts
scrutinized the overall questionnaire, this suggested that the
content validity of our questionnaire was established.
Convergent validity was evaluated through CFA by
investigating both the extent of the factor loadings of the
observed variables regarding their relevant latent vari-
ables and whether those factor loadings were statistically
different from zero. All factor loadings were to an ade-
quate extent and significantly different from zero at the
p 0.05 level.
Discriminant validity is assessed by examining the
cross-factor loadings of one observed variable onto all
latent constructs on which high loadings were not expected
to represent a discriminant validity. All cross-factor load-
ing was insignificant and less than 0.5. The CFA was also
carried out as a means of establishing the discriminant
validity. All results of the CFA supported the presence of
discriminant validity.
Normality
The normality is used to assess the value of data distribu-
tion that matches up with the bell-shaped normal distribu-
tion, the values of kurtosis and skewness, and standard
6 International Journal of Engineering Business Management

Table 2. Normality results.

ITBA ITVD ITRESOUR ITRISKM PERFORMA

Variable V1 V2 V3 V4 V5
Mean 3.4798 3.3081 3.4222 3.2382 3.4202
Skewness 0.4721 0.2234 0.3639 0.5721 0.4952
Kurtosi 0.0915 0.3777 0.1207 0.1412 0.0775
Standard 0.7616 0.8008 0.7262 0.7988 0.6727
Dev.

ITVD: IT value delivery; ITBA: IT business alignment; ITRiskM: IT risk

management.

Figure 2. Structured model results of ITGOV is generated by

deviation (SD) is deemed to be the determinate indica- EQS 6.3. ITGOV: IT governance.
tors of data normality. Skewness value indicates the
symmetry of the distribution, where kurtosis value mea-
sures the flatness and peaked of the sample data con- Table 3. Model-fit indicators.
cerning a bell-shaped normal distribution; both values Fit indicators Benchmarks Model values
have to be less than 1, while SD must not exceed three 2
SD values and the sample meet the normality require- Chi-square (w ) 1.235
Probability (p) 0.05 0.266
ments (see Table 2).
BentlerBonett normed fit index 0.9 0.998
The proposed model was analyzed using EFA in SPSS Comparative fit index 0.9 1.000
[version 21]. The results showed a one-factor solution for Goodness of fit index 0.9 0.997
all ITGOV pillars with a heavy correlation score loadings, Root mean square error 0.1 0.036
and all were accepted indicators (see Table 1). Model Cronbachs a 0.5 0.908
The proposed model was analyzed using confirmatory
factor methods to study the significance of the proposed
study model using MVSOT application EQS 6.3 (see
Table 3). Table 4. Model measurement.
From the stated results, it can be concluded that all fit Standardized T Significance
measurement indicators prove that the hypothesized model Relationship path beta (b) statistics R2 at 0.05
is accepted and, thus, the model was adopted for hypothesis p
testing of this study. ITGOV f (ITBA) 0.705 7.97 0.50 p
ITGOV f (ITVD) 0.875 5.00 0.77 p
ITGOV f (ITResM) 0.801 7.82 0.64 p
ITGOV f (ITRiskM) 0.891 4.42 0.80 p
Model testing ITGOV f (ITPerfma) 0.840 7.14 0.71

The coefficient of determination (R2) was used to test ITGOV: IT governance; ITBA: IT business alignment; ITVD: IT value deliv-
ery; ITResM: IT resource management; ITRiskM: IT risk management;
the hypotheses of the proposed model, where R2 reflects ITPerfma: IT performance.
the size effect of the full structural model. Standardized
coefficients (b) used to thoroughly examine the scale of
the impact; a weak relationship is indicated as b moves
Table 5. Descending impact of COBIT IT governance pillars
closer to zero, while strong if the opposite happens (see according to beta.
Table 4).
ITGOV measurement model debates the significant Order Pillar Standardized b
association between ITGOV and its pillars (ITBA, ITVD, 1 IT risk management 0.900
ITResM, ITRiskM, and ITPerfma) as indicated by the 2 IT value delivery 0.880
study. The latent factor (ITGOV) and the five indepen- 3 IT performance 0.840
dent factors show a clear positive significant relation- 4 IT resource management 0.801
ship. It can be noted from Table 4 that T-statistic is 5 IT business alignment 0.710
significant at 0.05 for all relations, accepting all rela-
tionships of the representative ITGOV pillars. Also, it
can be concluded from Table 5 that the risk manage-
Discussion and conclusion
ment factor has the highest impact on ITGOV, with a b The findings of the final research model indicated clearly
value of 0.900, followed by value delivery and the acceptance of the characteristic value of the proposed
business alignment, having the least impact with a b model variables, where the ITGOV composite factors
value of 0.710 (see Table 5). performance management, risk management, resource
Alkhaldi et al.
management, value delivery, and alignmenthad a sig-
nificant influence on the behavior of the ITGOV appli-
cation within the sample of service companies chosen for
the study.
The results should guide ITGOV application as it will
help in the process of IT planning. To ensure performance
management, managers should consider exposing and
strengthening the trend to attain assurance, control, and
comfort about major IT decisions. CIO cooperation to
ensure IT performance is properly linked to business goals.
It is essential to monitor service levels, address IT perfor-
mance problems, and adopt corrective actions. With regard
to priorities, managers should practice the day-to-day man-
agement and verification of IT processes and controls for a
successful process performance. Considering RM as the
factor with the highest impact of ITGOV application, man-
agers must ensure the implementation of an IT control
framework, monitor IT risks are mitigated efficiently and
explore the business impact on the enterprise as well as
make risk likelihood transparent to the stakeholders.
Managers should also ensure that all critical roles in
managing IT risks are appropriately defined and staffed.
In order to maximize the benefit of resource manage-
ment, companies should capitalize on its information
and knowledge, have enable an effective IT performance
through wise resources allocation, and establish business
priorities and organizational structures; and companies
should make responsibilities flexible enough to facilitate
IT strategy implementation and information sharing and
thereby the insurance of the availability of suitable IT
resources. Value delivery can be attained through shared
duty and concern of IT investments between the IT and
the business, where business and executive expectations
about IT are managed. Budgeting and IT investment
planning have to be representative of and cohesive with
the overall goals, taking into consideration the financial
reporting of an accurate IT accounting. The service lev-
els should be approved and controlled continuously as
well as a tendency to recognize and attain new IT ser-
vices. The value of IT must be periodically assessed,
clarified, and demonstrated, always pursuing new ways
to rise IT contribution proactively. Finally, a strong IT
project management disciplines must be established.
With regard to alignment factor, IT plans and processes
must be affiliated and unified with business goals and
operations, while plan and objectives should always be
interpreted into operational missions. A clear guarantee
from the executives for the main IT projects is also
imperative. IT capabilities should be enforced to be
reflected in the daily IT operations, ensuring IT strategy
implementation according to current IT principles and
guidelines. This study provides a clear picture in con-
sidering the pillars as most important in the ITGOV
system to achieve sustainability and prosperity, and it
is also noted that service companies also need to create
a more sound understanding of the strategies of the
7
long-term planning and alignment between IT assets and
business development projects. Finally, the research
findings establish a scientific support to the link aca-
demic studies and practical implementations of this con-
cept, which was revealed by ITGI as a non-academic
organization to help companies realizing the importance
of IT governance and focusing their efforts on IT planning
and implementation in addition to increasing the awareness
of IT governance mechanisms and applications among
decision makers. As per to authors knowledge; this
research is the first original one that statistically proves
and confirms the sub-dimensions of COBIT as a coherent
IT governance framework as suggested by ITGI.
Acknowledgments
The authors would like to thank all who responded to the distrib-
uted questionnaire. They are also grateful to all managers who
support this research to see the light.
Declaration of conflicting interests
The author(s) declared no potential conflicts of interest with
respect to the research, authorship, and/or publication of this
article.
Funding
The author(s) received no financial support for the research,
authorship, and/or publication of this article.
References
1. Afandi WS. Information technology governance role in
enhancing IT portfolio management: a case study on Saudi
Arabia private sector. Int J Res Rev Appl Sci 2016; 26(1): 47.
2. Luftman JN. Managing the information technology
resources. New Jersey: Pearson Prentice Hall, 2004.
3. IT Governance Institute. IT governance roundtable: IT gov-
ernance frameworks, 2008. IL, USA.
4. Weill P and Ross JW. IT governance: how top performers
manage IT decision rights for superior results. Boston: Har-
vard Business Press, 2004.
5. Boynton AC, Jacobs GC, and Zmud RW. Whose responsibil-
ity is IT management? MIT Sloan Manage Rev 1992; 33(4):
32.
6. Spremic MARIO. IT governance mechanisms in managing
IT business value. WSEAS Trans Info Sci Appl 2009; 6(6):
906915.
7. Alreemy Z, Chang V, Walters R, et al. Critical success factors
(CSFs) for information technology governance (ITG). Int J
Info Manage 2016; 36(6): 907916.
8. Pereira R and da Silva MM. A literature review: IT govern-
ance guidelines and areas. In Gil-Garcia J, Helbig N and Ojo
A (Ed.), 6th International Conference on Theory and Prac-
tice of Electronic Governance Albany, NY, USA: ACM.
2012, pp. 320323.
9. Delone WH and Mclean ER. The Delone and Mclean model
of information systems success: a ten-year update. J Manage
Info Sys 2003; 19(4): 93.
8 International Journal of Engineering Business Management
10. ITGI. COBIT 4.1 framework control objectives management
guidelines maturity models. Illinois: The IT Governance
Institute (ITGI), www.itgi.org, 2007.
11. Al Qassimi N and Rusu L. IT governance in a public organi-
zation in a developing country: a case study of a governmen-
tal organization. Proc Comp Sci 2015; 64: 450456.
12. de Souza B, Tonelli PH, Zambalde AO, et al. Evaluating IT
governance practices and business and it outcomes: a quanti-
tative exploratory study in Brazilian companies. Proc Tech-
nol 2014; 16: 849857.
13. Chang V, Walters RJ, and Wills G. The development that
leads to the cloud computing business framework. Int J Info
Manage 2013; 33(3): 524538.
14. Chang V, Walters RJ, and Brian G. Organisational sustain-
ability modelling: an emerging service and analytics model
for evaluating cloud computing adoption with two case stud-
ies. Int J Info Manage 2016; 36(1): 167179.
15. Chang V. The business intelligence as a service in the cloud.
Future Gener Comput Syst 2014; 37: 512534.
16. Lunardi GL, Becker JL, Macada A, et al. The impact of adopting
IT governance on financial performance: an empirical analysis
among Brazilian firms. Int J Account Info Syst 2014; 15(1): 6681.
17. Goldman JE and Ahuja S. Integration of COBIT, balanced
scorecard and SSE-CMM as an organizational & strategic
information security management (ISM) framework. In ICT
Ethics and security in the 21st century: new developments
and applications. IGI Global. 2011, pp. 277309.
18. Rodrguez JU and Son C. eGovernment standard framework.
In: 15th annual international conference on digital govern-
ment research, 2014, pp. 316321. New York: ACM.
19. Alaceva C and Rusu L. Barriers in achieving business/IT
alignment in a large Swedish company: what we have
learned? Comp Human Behavior 2014; 51: 715728.
20. Masadeh R, Hunaiti Z, and Yaseen AA. An integrative model
linking IT-business strategic alignment and firm performance:
the mediating role of pursuing innovation and knowledge man-
agement strategies. Communicat IBIMA 2008; 2: 180187.
21. El-Mekawy M, Rusu L, and Perjons E. An evaluation frame-
work for comparing business-IT alignment models: a tool for
supporting collaborative learning in organizations. Comp
Human Behavior 2015; 51: 12291247.
22. Doherty NF, Shakur M, and Ellis-Chadwick F. The role of
e-service quality management in the delivery business value.
J Retail Consum Ser 2015; 27: 5262.
23. Zhu Z, Zhao J, Tang X, et al. Leveraging e-business process
for business value: a layered structure perspective. Info Man-
age 2015; 52(6): 679691.
24. Zhang YJ and Harte J. Population dynamics and competitive
outcome derive from resource allocation statistics: The gov-
erning influence of the distinguishability of individuals. The-
oretical population biology 2015; 105: 5363.
25. Bowman B, Davis G, and Wetherbe J. Three stage model of
MIS planning. Info Manage 1983; 6(1): 1125.
26. Boynton AC and Zmud RW. Information technology plan-
ning in the 1990s: directions for practice and research. MIS
Quart 1987; 11(1): 5871.
27. Hammami S and Alkhaldi FM. Enhancing BI systems appli-
cation through the integration of IT governance and knowl-
edge capabilities of the organization. In: Rahman El Sheikh A
and Alnoukari M (eds) Business intelligence and agile
methodologies for knowledge-based organizations: cross-
disciplinary applications. Hershey: Business Science
Reference, 2012, pp. 161182.
28. Drucker P. Management challenges for the 21st century. New
York: Harper Collins, 1999.
29. Aven T. Risk assessment and risk management: review of
recent advances on their foundation. Eur J Operat Res
2016; 253(1): 113.
30. Hyder J and Hebl JR. Performance measurement to demon-
strate value. Anesthesiol Clin 2015; 33(4): pp. 679696.
31. Gerschewski S and Xiao SS. Beyond financial indicators: an
assessment of the measurement of performance for interna-
tional new ventures. Int Bus Rev 2015; 24(4): 615629.
32. Ward J and Peppard J. The strategic management of informa-
tion systems: building a digital strategy. New Jersey: John
Wiley & Sons, 2016.
33. Hair JF, William CA, Babin B, et al. Multivariate data anal-
ysis. 7th ed. Pearson, 2010.