Steven De Haes,Wim Van Grembergen,Anant Joshi,Tim Huygh

DOI: https://doi.org/10.1007/978-3-030-25918-1

2020-01-01

Abstract:This book integrates theoretical advances and empirical data on Enterprise Governance in Information Technology (EGIT) with practical applications based on numerous case examples. The third revised edition of Enterprise Governance of Information Technology provides professionals and students with the most recent research advancements as well as an in-depth discussion of the recently-introduced Control Objectives for Information and Related Technologies (COBIT) 2019 framework which can be used to facilitate a tailored implementation of effective EGIT. Furthermore, the book features a new chapter which provides readers with hands-on examples from practice and clear insights on how these relate to theory. At the forefront of the field, the authors of this volume draw from years of research and advising corporate clients to present a comprehensive resource on EGIT. Featuring a variety of elements, including executive summaries and sidebars, extensive references, questions and activities and additional online materials, this book is a valuable updated resource for professionals, students and researchers alike.

Philippe Page,Paul Knowles,Robert Mitwicki

DOI: https://doi.org/10.48550/arXiv.2308.07280

2023-08-14

Computers and Society

Abstract:To address the need for regulating digital technologies without hampering innovation or pre-digital transformation regulatory frameworks, we provide a model to evolve Data governance toward Information governance and precise the relation between these two terms. This model bridges digital and non-digital information exchange. By considering the question of governed data usage through the angle of the Principal-Agent problem, we build a distributed governance model based on Autonomous Principals defined as entities capable of choice, therefore capable of exercising a transactional sovereignty. Extending the legal concept of the privacy sphere to a functional equivalent in the digital space leads to the construction of a digital self to which rights and accountability can be attached. Ecosystems, defined as communities of autonomous principals bound by a legitimate authority, provide the basis of interacting structures of increasing complexity endowed with a self-replicating property that mirrors physical world governance systems. The model proposes a governance concept for multi-stakeholder information systems operating across jurisdictions. Using recent software engineering advances in decentralised authentication and semantics, we provide a framework, Dynamic Data Economy to deploy a distributed governance model embedding checks and balance between human and technological governance. Domain specific governance models are left for further publications. Similarly, the technical questions related to the connection between a digital-self and its physical world controller (e.g biometric binding) will be treated in upcoming publications.

Johannes Schneider,Rene Abraham,Christian Meske,Jan Vom Brocke

DOI: https://doi.org/10.1080/10580530.2022.2085825

2022-06-21

Information Systems Management

Abstract:While artificial intelligence (AI) governance is thoroughly discussed on a philosophical, societal, and regulatory level, few works target companies. We address this gap by deriving a conceptual framework from literature. We decompose AI governance into governance of data, machine learning models, and AI systems along the dimensions of who, what, and how "is governed." This decomposition enables the evolution of existing governance structures. Novel, business-specific aspects include measuring data value and novel AI governance roles.

computer science, information systems

Kari Hiekkanen,M. Helenius,Ilkka Melleri,J. Korhonen

2014-08-27

Abstract:High quality data is a key source of business value, but data quality issues in organizations are often addressed inadequately and pertinent Data Governance (DG) is called for. This paper focuses on the accountability aspect of data governance: the assignment of decision rights and responsibilities pertaining to data management. We follow the design science approach and examine how Agile Governance Model (AGM) can be used as the basis of designing a pertinent governance structure for the organizational arrangement of data governance accountabilities. We distinguish common data management roles based on the literature, analyze the organizational coverage of these data governance roles, and demonstrate how AGM can be used to ensure that requisite accountabilities will be addressed throughout the enterprise at the right organizational levels and aspectual loci.

Computer Science,Business

Ryan R. Peterson

DOI: https://doi.org/10.4018/978-1-59904-654-9.ch013

2008-01-01

Abstract:Amidst the challenges and changes of the 21st century, involving hyper competitive market spaces, electronically-enabled global network businesses, and corporate governance reform, IT governance has become a fundamental business imperative. IT governance is a top management priority, and rightfully so, because it is the single most important determinant of IT value realization. IT governance is the system by which an organization’s IT portfolio is directed and controlled. IT governance describes (a) the distribution of IT decision-making rights and responsibilities among different stakeholders in the organization, and (b) the rules and procedures for making and monitoring decisions on strategic IT concerns. The objective of this chapter is threefold. First of all, to describe past developments and current challenges complex organizations are facing in governing the IT portfolio of IT applications, IT development, IT operations and IT platforms. Based upon the lessons we’ve learned from the past, one of the key objectives is to move beyond ‘descriptives’, and discuss how organizations can diagnose and design IT governance architectures for future performance improvement and sustained business growth. The final objective of this chapter is to provide a thorough understanding and holistic picture of effective IT governance practices, and present a new organizing logic for IT governance

Rene Abraham,Johannes Schneider,Jan vom Brocke

DOI: https://doi.org/10.1016/j.ijinfomgt.2019.07.008

IF: 18.958

2019-12-01

International Journal of Information Management

Abstract:<p>Data governance refers to the exercise of authority and control over the management of data. The purpose of data governance is to increase the value of data and minimize data-related cost and risk. Despite data governance gaining in importance in recent years, a holistic view on data governance, which could guide both practitioners and researchers, is missing. In this review paper, we aim to close this gap and develop a conceptual framework for data governance, synthesize the literature, and provide a research agenda. We base our work on a structured literature review including 145 research papers and practitioner publications published during 2001-2019. We identify the major building blocks of data governance and decompose them along six dimensions. The paper supports future research on data governance by identifying five research areas and displaying a total of 15 research questions. Furthermore, the conceptual framework provides an overview of antecedents, scoping parameters, and governance mechanisms to assist practitioners in approaching data governance in a structured manner.</p>

information science & library science

Carla L. Wilkin,Robert H. Chenhall

DOI: https://doi.org/10.2308/isys-52632

2019-10-21

Journal of Information Systems

Abstract:ABSTRACT This study investigates the extant literature concerned with Information Technology Governance (ITG), published in leading accounting and management information systems journals, in the period 2005 to 2017. While recent research into ITG has taken a more holistic organizational perspective, the essence remains people, product, processes, and performance. Our review reveals ITG's increasingly dual role in improving organizational capability and performance, as well as controlling and monitoring outcomes. Findings show that ITG is concerned with both governing of IT and governing through IT, presaging a more defined connection between ITG's five focus areas and Corporate Governance. Other new themes include ITG's role in improving outcomes in intra- and inter-organizational relationships, embryonic efforts to distill a theory of ITG, and emerging scenarios where the evolving role of IT in business activities is creating profound organizational implications and consequently new avenues for ITG.

business, finance

Ibrahim Alhassan,David Sammon,Mary Daly

DOI: https://doi.org/10.1080/12460125.2016.1187397

2016-06-10

Journal of Decision Systems

Abstract:Data governance is an emerging subject in the information system (IS) field. In recent years, the volume of data used within organisations has increased dramatically, playing a critical role in business operations. This paper explores the current literature on data governance and is intended to provide a comprehensive analysis of the activities involved in data governance. Six major academic databases in the IS domain were searched using key terms to identify and analyse material reflecting the current state of knowledge. A systematic procedure was developed to identify 31 papers that explicitly mention data governance activities. Open coding techniques were applied to conduct content analysis, resulting in 110 data governance activities across five decision domains of the data governance framework. These data governance activities are understood as: ‘action’ plus ‘area of governance’ plus ‘decision domain’ e.g. (define data policies for data quality). Our analysis shows a high volume of data governance activities associated with the ‘defining’ action of the areas of governance across the decision domains with a lack of reported on the ‘implementing’ and ‘monitoring’ actions.

Kristin Weber,Boris Otto,Hubert Österle

DOI: https://doi.org/10.1145/1515693.1515696

2009-06-01

Journal of Data and Information Quality

Abstract:Enterprizes need Data Quality Management (DQM) to respond to strategic and operational challenges demanding high-quality corporate data. Hitherto, companies have mostly assigned accountabilities for DQM to Information Technology (IT) departments. They have thereby neglected the organizational issues critical to successful DQM. With data governance, however, companies may implement corporate-wide accountabilities for DQM that encompass professionals from business and IT departments. This research aims at starting a scientific discussion on data governance by transferring concepts from IT governance and organizational theory to the previously largely ignored field of data governance. The article presents the first results of a community action research project on data governance comprising six international companies from various industries. It outlines a data governance model that consists of three components (data quality roles, decision areas, and responsibilities), which together form a responsibility assignment matrix. The data governance model documents data quality roles and their type of interaction with DQM activities. In addition, the article describes a data governance contingency model and demonstrates the influence of performance strategy, diversification breadth, organization structure, competitive strategy, degree of process harmonization, degree of market regulation, and decision-making style on data governance. Based on these findings, companies can structure their specific data governance model.

Denise Ko,Dieter Fink

DOI: https://doi.org/10.1108/14720701011085616

2010-10-19

Corporate Governance: The International Journal of Business in Society

Abstract:Purpose The aim of this paper is to provide an understanding of information technology (IT) governance, from both a theory and practice perspective, and to identify current theory‐practice gaps within the organisations studied. Design/methodology/approach This study developed a complementary and collaborative model of IT governance and used a multiple case approach in which IT governance is examined against the model in four major universities. Case study research is qualitative in nature enabling insights into the “how” and “why” of IT governance to be gained. Findings Based on underlying theory, the study was able to develop propositions regarding IT governance practices, observe current practices within the participating universities and establish gaps between theory and practice. The study identified theory‐practice gaps in each of three IT governance dimensions: structure, process and people. Gaps ranged in significance from small to large. Two large gaps existed which require attention: they are in respect of integrating IT governance mechanisms and raising the awareness and understanding of the concept among senior management. Research limitations/implications The model of IT governance developed for the research can be further developed and refined. In addition, the university context may have imposed limitations as different findings could arise in different contexts. Furthermore, the participating CIOs and IT directors could have brought their own values and beliefs to the research when interpreting the IT governance objectives of their university. Practical implications The model of IT governance developed for the research enables organisations to assess and map their IT governance against theoretical dimensions. By mapping observed practice against theory, the study was able to provide a mechanism of identifying theory‐practice gaps, where they existed. Originality/value IT is ubiquitous in nature because modern IT crosses organisational activities and has become strongly aligned with business activities. Thus IT governance can be viewed as an integral part of corporate governance and requires senior management's attention. However, because of the specialised nature of IT, governance in this domain has unique characteristics. Yet, current literature reflects a lack of maturity and points to diverse and inconsistent concepts of IT governance as well as variations in how IT governance is implemented. The paper reduces uncertainty for corporate executives by systematically synthesising current literature, developing a theoretical model and testing it against current practice.

Gaëlle Blanco-Lainé,Jean-Sébastien Sottet,Sophie Dupuy-Chessa

DOI: https://doi.org/10.1007/978-3-030-35151-9_13

2019-01-01

Abstract:Nowadays, all enterprises must take into account the legal frameworks at all levels of their organization. Over the past two years, the focus has been on the GDPR. This regulation on data and their processing activities impacts on the vision of the enterprise information system. In order to identify these impacts, it is necessary to define an approach to conciliate regulatory and business points of view. Our proposal is to use an enterprise architecture modeling approach to integrate regulatory concerns. This article describes a high-level Archimate model for implementing a GDPR compliance approach.

Gang Huang,Chaoran Luo,Kaidong Wu,Yun Ma,Ying Zhang,Xuanzhe Liu

DOI: https://doi.org/10.1109/ICDCS.2019.00166

2019-01-01

Abstract:Exploring and mining the explosive burst of "big data" has already generated a lot of innovative applications, especially the recent advances of AI applications, and thus produced big values to the human society and civilization. However, due to the centralized patterns of data governance activities, including creation, sharing, exchange, management, analytics, tracing, and accounting, the potential values of big data distributed on the Internet are far away from being adequately explored. The recent announcement of data protection policies/laws such as GDPR makes the problem even more challenging. We are now at a moment of truth where the data governance infrastructure should be reconsidered and redesigned. In this paper, we propose a software-defined infrastructure design in a decentralized fashion: data owners are able to implement and deploy their own rules to the application systems where the data are produced for further governance activities. Such a fashion is quite similar to the popular software-defined networking where users are allowed to deploy rules of switches and customize the uses. Our principled infrastructure design can radically reform the current data governance activities into a decentralized topology. On the one hand, data can be separated from the application that generates the data, and data owners can have the full rights to decide where their data should be stored and how the data can be shared. On the other hand, data users can search, discover, integrate, and analyze the data from various data sources according to their application requirements and scenarios. As a result, we argue that our infrastructure can establish a new generation of responsive decentralized data governance that can promote the innovation of linking data to the better adaptation of the open environment and the diverse user requirements. With this perspective, we briefly discuss some key insights and enumerate several related new technologies and open challenges.

Mayur M. Chikhale,Mo Mansouri

DOI: https://doi.org/10.1007/s40171-015-0098-9

2015-07-26

Global Journal of Flexible Systems Management

Abstract:The struggle of multinational organizations has long been on the mind of researchers studying the multinational operations of large scale enterprise systems. To counter the struggle, several approaches have been suggested, focused on aligning business strategy with the allocation of resources. However, existing governance issues have led enterprises to employ quick ad-hoc strategies. Through this paper, we emphasize on the need for an agile and collaborative approach to effective governance in order to enhance management in large-scale business systems like Apple Inc through consistent value creation. The proposed framework aligns the key elements of the enterprise system that can act as enablers for effective governance.

顾新建,李荣彬

DOI: https://doi.org/10.3969/j.issn.1006-3269.2001.04.001

2001-01-01

Abstract:In this paper, a new view of enterprise is put forward. Its main characteristics is to view enterprise as some of process, information, capital, knowledge, culture et al. On the basis of the integration of these and the view of taking enterprise as life, the life flow of enterprise is formed. The significance of this view is that the some essence and complex inherence relationship can be described better, the development direction and stratagem of enterprise can be explained better.

Ryan Peterson

DOI: https://doi.org/10.1201/1078/44705.21.4.20040901/84183.2

2004-09-01

Information Systems Management

Abstract:Information Technology (IT) governance has emerged as a fundamental business imperative, and rightfully so, because it is key to realizing IT business value. IT governance describes the distribution of IT decision-making rights and responsibilities among different stakeholders in the enterprise, and defines the procedures and mechanisms for making and monitoring strategic IT decisions. This article presents a holistic view of IT governance, in which structural, process, and relational capabilities are an integral part of an effective IT governance architecture. the article concludes with an IT Governance Assessment Process (ITGAP) model, with which business and IT executives can assess the effectiveness of their company&#x27;s current IT governance architecture.

computer science, information systems

Judie Attard,Rob Brennan

DOI: https://doi.org/10.1007/978-3-030-02671-4_33

2018-01-01

Abstract:Data is quite popularly considered to be the new oil since it has become a valuable commodity. This has resulted in many entities and businesses that hoard data with the aim of exploiting it. Yet, the ‘simple’ exploitation of data results in entities who are not obtaining the highest benefits from the data, which as yet is not considered to be a fully-fledged enterprise asset. Such data can exist in a duplicated, fragmented, and isolated form, and the sheer volume of available data further complicates the situation. Issues such as the latter highlight the need for value-based data governance, where the management of data assets is based on the quantification of the data value. This paper has the purpose of creating awareness and further understanding of challenges that result in untapped data value. We identify niches in related work, and through our experience with businesses who use data assets, we here analyse four main context-independent challenges that hinder entities from achieving the full benefits of using their data. This will aid in the advancement of the field of value-driven data governance and therefore directly affect data asset exploitation.

Miguel AP Oliveira,Stephane Manara,Bruno Molé,Thomas Muller,Aurélien Guillouche,Lysann Hesske,Bruce Jordan,Gilles Hubert,Chinmay Kulkarni,Pralipta Jagdev,Cedric R. Berger

2023-11-24

Abstract:Individuals and organizations cope with an always-growing amount of data, which is heterogeneous in its contents and formats. An adequate data management process yielding data quality and control over its lifecycle is a prerequisite to getting value out of this data and minimizing inherent risks related to multiple usages. Common data governance frameworks rely on people, policies, and processes that fall short of the overwhelming complexity of data. Yet, harnessing this complexity is necessary to achieve high-quality standards. The latter will condition any downstream data usage outcome, including generative artificial intelligence trained on this data. In this paper, we report our concrete experience establishing a simple, cost-efficient framework that enables metadata-driven, agile and (semi-)automated data governance (i.e. Data Governance 4.0). We explain how we implement and use this framework to integrate 25 years of clinical study data at an enterprise scale in a fully productive environment. The framework encompasses both methodologies and technologies leveraging semantic web principles. We built a knowledge graph describing avatars of data assets in their business context, including governance principles. Multiple ontologies articulated by an enterprise upper ontology enable key governance actions such as FAIRification, lifecycle management, definition of roles and responsibilities, lineage across transformations and provenance from source systems. This metadata model is the keystone to data governance 4.0: a semi-automatised data management process that considers the business context in an agile manner to adapt governance constraints to each use case and dynamically tune it based on business changes.

Artificial Intelligence,Information Retrieval

Guillermo Fuentes-Quijada,Francisco Ruiz-González,Angélica Caro

DOI: https://doi.org/10.1007/s10796-024-10473-2

2024-02-22

Information Systems Frontiers

Abstract:Current software development practices are transforming the governance and management of software projects with the objective of aligning software products/services with business needs, ensuring business continuity, optimizing resource allocation, and fostering strong stakeholder relationships. The innovative BizDevOps approach has emerged as a response to these challenges, since it extends DevOps by incorporating an additional cycle and involving non-IT stakeholders with a focus on business-IT alignment. The application of IT Governance practices is crucial as regards ensuring the success of complex BizDevOps projects, and this paper, therefore, presents a systematic mapping study that explores the approaches for BizDevOps and encourages DevOps proposals that will seamlessly integrate with the business lifecycle. It examines the support provided by IT Governance practices and investigates the potential roles of Enterprise Architecture. The study analyzed 86 primary studies and 11 secondary studies, revealing a lack of empirical validations and a prevalence of recommendation-oriented papers without concrete solution proposals. These findings highlight the need for further research with which to validate BizDevOps practices and provide actionable insights.

computer science, information systems, theory & methods

Xuejiao Li,Yang Cheng,Xiaoning Xia,Charles Møller

2024-06-21

Abstract:In the dynamic landscape of contemporary business, the wave in data and technological advancements has directed companies toward embracing data-driven decision-making processes. Despite the vast potential that data holds for strategic insights and operational efficiencies, substantial challenges arise in the form of data issues. Recognizing these obstacles, the imperative for effective data governance (DG) becomes increasingly apparent. This research endeavors to bridge the gap in DG research within the Operations and Supply Chain Management (OSCM) domain through a comprehensive literature review. Initially, we redefine DG through a synthesis of existing definitions, complemented by insights gained from DG practices. Subsequently, we delineate the constituent elements of DG. Building upon this foundation, we develop an analytical framework to scrutinize the collected literature from the perspectives of both OSCM and DG. Beyond a retrospective analysis, this study provides insights for future research directions. Moreover, this study also makes a valuable contribution to the industry, as the insights gained from the literature are directly applicable to real-world scenarios.

Databases