1 / 18

Discussion of “IT Governance Drivers of Process Maturity,” by Roger Debreceny and Glen Gray

Uday Murthy University of South Florida. Discussion of “IT Governance Drivers of Process Maturity,” by Roger Debreceny and Glen Gray. 2011 UWCISA Symposium Toronto, Canada. Agenda. Research questions Theoretical foundation Field study methodology IT governance drivers

ivor-hale
Download Presentation

Discussion of “IT Governance Drivers of Process Maturity,” by Roger Debreceny and Glen Gray

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Uday Murthy University of South Florida Discussion of “IT Governance Drivers of Process Maturity,” by Roger Debreceny and Glen Gray 2011 UWCISA Symposium Toronto, Canada

  2. Agenda • Research questions • Theoretical foundation • Field study methodology • IT governance drivers • Process maturity measurement • Analysis & results • Contributions • Unanswered questions….future directions

  3. Research Questions • Are there attributes of IT governance that govern the level of process maturity? If so, which attributes are more or less significant? • Are there domains or processes that are more influential? • Are there other control variables such as size or industry that explain the relationship between IT governance and process maturity? • Is process maturity evenly distributed across domain?

  4. Theoretical Foundation • Resource Based View, Dynamic Capability Theory, Contingency Theory • “…provide guidance on the relationship between governance, strategy and resource acquisition…” • Unclear how these theories inform the relationship between IT governance and process maturity • No propositions offered (as promised in intro)

  5. Field Study • Nice cross-section of location and industry in sample of 51 organizations • Developed countries more heavily represented than developing countries • Europe, Canada, US, Singapore: 76% • Mexico, Philipines: 24% • Mainly large firms (avg. of 172 IT personnel, 194 servers)

  6. IT Governance Drivers • Very comprehensive approach to data collection • Decision rights and organization • Governance framework (39!) • Business/IT alignment (24 questions) • Environmental volatility • Size and complexity

  7. Process Maturity -- What • Generic maturity model (Fig. 13 in COBIT 4.1)vs. • Maturity attribute table (Fig. 15 in COBIT 4.1)

  8. Process Maturity -- How • “As is” rating for each of 6 maturity attributes for each of 41 processes for 51 organizations • Max of 12,546 observations (6 x 41 x 51) • Each maturity attribute rated on 1 to 5 scale, with 5 being highest maturity level

  9. Process Maturity – Data Issues • Ratings averaged (a) across maturity attributes and (b) across respondents • Some processes had more than one manager provide rating • Some managers provided ratings for multiple processes • “For a small number of organizations, we collected only overall process maturity level data; not attribute-level data.”

  10. Analysis & Results • Process maturity levels by domain • “…average level of process maturity is very low…” • “More prosaic processes” have relatively high levels of maturity: • 1. Security—Virus • 2. Manage Physical Environment • 3. IT investment—budgeting • 4. Security – network & firewall • 5. Manage data • What can get me fired?

  11. Concerns Regarding Analysis…1 • Regressions give appearance of rigor, but… • Missing data • Table 8 regression (overall) is based on 2095 observations (16.7% of 12,546) • Table 9 regression (by attribute) is based on 1896 observations (15.1% of 12,546) • None of the three theories are relied on for logic underlying the regressions • Lack of independence of observations • Possible multi-collinearity issues

  12. Concerns Regarding Analysis…2 • Factor analysis of “Business/IT alignment” • 41 data points (no. of organizations, N) and 16 questions (variables, p) and • N / p ratio is less than 3:1 • Bare minimum is 3:1, with 5:1 or 6:1 recommended (Cattell 1978; Gorsuch 1983) • Business/IT alignment becomes two factors: “Strategy” and “Vision” • Only “Strategy” is significant in regressions

  13. Suggestion: Data Reporting

  14. Suggestion: Analysis • Measures of IT governance • Decision rights and organization, governance frameworks, business/IT alignment, outsourcing, environmental volatility, size and complexity • Use these six measures to categorize organizations as being high, medium, or low in IT governance • Then look for relationships between IT governance category (high, medium, low) and IT process maturity – overall and by domain

  15. Contributions • First look at process maturity of COBIT processes and IT governance drivers thereof • International focus, allowing comparison across firms in more and less developed countries • Association between process maturity and business/IT alignment is intuitively appealing and validates a priori expectation

  16. Unanswered Questions / Future Directions • Does business/IT alignment lead to process maturity or does process maturity lead to business/IT alignment? • Why is process maturity lower for firms in less developed countries? • What are the consequences of higher/lower process maturity? (On firm performance, internal control effectiveness, etc.)

More Related