IT Governance - Science topic

thank you, identity access management, strong passwords, exclusion of ex-employee login, central login, patchment updates, anti-virus updates, layered security, are among measures to safeguard rights of users

Hi Molrani

While there is a relationship between IT Governance and Information Security, it is not a simple relationship.

I have printed a list of references on Governance+IT Governance, as well as a list of References on Information Security from my personal collection to give you an idea of how they fit together. Most of these references can be freely downloaded from Google Scholar, if you paste the title into the Google Scholar search bar.

That should give you an idea of the challenges you face, and will certainly get you thinking about the issue with some understanding of the problems faced.

I hope it helps.

Regards

Bob

enc

The effects of cyber attacks are not necessarily intangible at all. They may be very real.

All depends on what digital system is being attacked. There is an increasing number of critical control systems that are more or less vulnerable to cyber attacks, and the effect of successful hacking can run the gamut from being a nuisance only, to being deadly. And even if not control systems, cyber attacks can affect the economy, one's personal finances, one's work products, intellectual property, and any number of aspects of people's lives, in extremely tangible ways.

Just search for Application Landscape on Google and you see Dragon1. Dragon1 is a freemium online modeling and presentation platform with tools like a specialized EA Tool. www.dragon1.com/create-account

Dear Paulo, thank you for your input.

To me it appears that your suggestion is especially relevant to another topic I investigate, governance of data and data federation. However, research on inter-organizational IT governance addresses such questions as why do organizations cooperate (what are the benefits of inter-organizational ITG ), what social mechanisms promote or block such cooperation, how is inter-organizartional ITG implemented (practices used) and what issues does inter-organizational ITG address (e.g. how are revenues shared, cost reductions divided or how are members accepted into an inter-organizational ecosystem).

Best Regards, Tomi

The answer could be much simpler. If IT Management is a combination of 'IT' and 'management', then the question answers itself.

If 'management' is considered multidisciplianry, then yes, if not, then not. Most people would define 'management' as very multidisciplinary ;-)

Looking at your initial question, and defining the components, it seems that you treat 'IT' as information provisioning services instead of information technology. I suggest you first define your scope and then rephrase the question.

Hi There

Go to this site: http://istheory.byu.edu/wiki/Main_Page 

It has a huge list of IS Models/Theories in alphabetical order and Actor-Network is there. Click on Actor-Network Theory and scroll down to where is says "IS articles that use the theory" .... there are plenty and some are very recent. Enjoy and Good-luck.

COBIT 5 is the leading framework for the governance and management of enterprise information technology. http://www.isaca.org/COBIT/Pages/default.aspx.

COBIT 4.1 was released in 2007 and though it was very good, is not up to date.

COBIT 5 was published in 2012 and there are several case studies available to assist in understanding and application of the material.

Simply stated, scheduling is how you plan the work while monitoring is how you work the plan.  For complex projects, consider looking at research in earned value metrics and critical path analysis.  Both of these focus on performance to schedule.

The requirement management is a broad area since that is one of the parts of the Software development steps. Since it is more generic and the step is always there without absence. If you take the engineering the indeed you have to obey some basic principles of the engineering such as "theory", "method",  and "tools". So If you want to get in to requirement engineering, then you need to apply the theory you learned about the requirements through a best method to either collect or understand with the help of the technology tools you have. (hope i answer the question)

I hope that this discussion will continue. At the same time I want to thank every one who has contributed so far.

It seems possible that the survey we have conducted in one fairly small developed economy is fairly unique. Our IT barometer survey asks business and IT executives/managers to express how they perceive the deployment of both traditional IT and emerging technologies. Topics covered are perceived benefits and other business impacts of IT, use of IT in various organizational activities, impact of economic situation on IT, success of IT projects, IT costs,  deployment and management of IT in relation to outsourcing, cloud services, eCommerce, social media, BYOD, data management and big data, IT risk management, innovation process IT, and IT management methods such as ITIL and COBIT.

So far, I have not written many articles about the data - situation I hope to be able to change in the future.  Six-year time-series data offers good potential for that. The first draft for a proper article (written together with two of my colleagues) will come out at the Hicss 2015 conference. That paper explores the impact of IT investment consistency on IT performance with a SEM model. Should you wish to receive that paper, please, either look at the conference documentation or drop me an email and ask for the paper (tomi.dahlberg@utu.fi) 

I'm also open for proposals should you be interested to cooperate with me.   

Hello Barbara,

from my understanding you are already drifting too far into the question's problem here.

Let me ask you this question:

How would you calculate the monetary value of the benefits? How would you quantify/measure the benefits in order to sum them up?

I understand you idea of simulating two scenarios, but how do you get the necessary inputs?

My current thougts are widely spread, though very complex - possibly too complex:

Idea 1: Analyzing the business model, projecting it onto a generically defined enterprise architecture and define the monetary value of the corresponding elements/processes for its business model. Then investigating to what extent they are dependent on IT/IT is contributing and influencing them. In result you could get a precise monetary value of IT for a business model. Though it seems missing something from my point of view.

Idea 2: Combining ROI, earned value and net present value

I am eager to see the feedback on these two ideas!

Yes I hope so. I intend to present some papers. I will contact you privately.

In my opinion you could find information about how Agility could modify some approach like Agile programming, BPM agil, or IT Governance agil. Jerry Luftmant IT'-Bussiness alighment approach does not include "Agile", but probably other IT-Bussines alighment approach could be.

In my experience the value of a Business case is purely to secure the funding to resource the project. Once the project starts benefits identified in the business case are quickly forgotten and not revisited in any evaluation (if one occurs). The most well known benefits management model was presented by Ward and Daniel (1996) in their benefits management book. Other authors that would be worth searching for are John Ward, Joe Peppard, Neil Doherty and Colin Ashurst. Looking for benefits management groups on Linkedin will also provide access to a reasonably strong benefits management practitioner community. Hope that helps. Crispin

Damian is right. One should consider though that governments have to tackle considerable obstacles like

1. public sector inertia,

2. public servants' half hearted acceptance, if any,

3. insufficient funding,

4. their own lack of long term commitment ,

5. lack of various projects integration.

No project is an island and quite a few of them died along the way.