UNIVERSITY OF WATERLOOCENTRE FOR INFORMATION INTEGRITY &INFORMATION SYSTEMS ASSURANCE 7TH BI-ANNUAL RESEARCH SYMPOSIUMOCTOBER 20 – 22, 2011

ON IT GOVERNANCE STRUCTURES AND THEIR EFFECTIVENESS IN COLLABORATIVE ORGANIZATIONAL STRUCTURESPRASAD, GREEN, HEALES

DISCUSSANT’S COMMENTSJERRARD B. GAERTNERCA•CISA/IT, CGEIT, CISSP, CIPP/IT, CIA, CFI, I.S.P., ITCP

The Observation

Organizations are entering into various forms of alliances to enhance competitiveness.

Many such alliances have shared IT resources as a backbone.

Web 2.0 technologies are affected the organizational design and structure of such alliances.

The Questions

Can organizations involved in collaborative ventures at the heart of which is an enabling information technology (collaborative organizational structures - COS) enhance performance by implementing co-created and inter-organizational IT governance structures?

What form of IT governance structure is required for COS to sustain themselves?

How effective are such structures in terms of enabling sustainable IT-related capabilities as an end in itself and as proxy for business value at the process and organization (firm) level?

The Proposed Explanation

Four IT governance structures are identified which together constitute co-created (shared) IT governance for the COS.

Co-created IT governance enhances the sustainability of (a) top management commitment to IT for the good of the COS, (b) shared organizational knowledge, and (c) flexible IT infrastructure.

Commitment, knowledge and flexibility enhance internal business processes, which in turn enhances customer service.

Enhanced business processes and customer service together result in enhance firm level performance.

The Formal Hypotheses

H1, H2, H3: Co-created IT governance in COS positively affects the sustainability of (a) top management commitment to IT for the good of the COS, (b) shared organizational knowledge, and (c) flexible IT infrastructure respectively.

H4a, 4b, 5: Top management commitment to IT for the good of the COS, shared organizational knowledge, and flexible IT infrastructure positively affect internal process performance.

H5: Internal process performance positively correlates with customer service improvements.

H6, H7: Internal process and customer service performance improvements positively correlate with firm level performance (business value) improvements.

The Experimental Method

Conduct 16 “mildly semi-structured” interviews spanning 5 organizations involved with COS to determine broad conceptions and themes for IT governance in COS.

Create/validate a survey based on the results of pilot tests using 10 faculty and 20 MBA graduate students.

Survey 741 target companies non-randomly selected from the ORBIS database (15.9% response rate) and perform a statistical analysis of responses to test hypotheses.

The Results

The authors state that all hypotheses were confirmed by the research methods employed.

The authors note limitations in applicability based on low response rate, unaddressed issue of causality, and potential bias based on omitted variables such as organization size and experience level.

A few definitions – IT Governance

IT governance, focusing on information and IT assets, specifies the right decisions and accountability framework to encourage desirable behaviour in the use of IT (Weill and Ross, 2004)

IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership, and organizational structures and processes that ensure that the organization’s IT sustains and extends the organization’s strategies and objectives. (ITGI 2003, 2007)

Are we asking the right questions (defining the structures)? The authors conducted “mildly semi-structured” 30

minute interviews with 16 individuals drawn from 5 organizations (initially 12) selected by the authors. Interview questions were not disclosed.

It is indeterminate from the excerpts of interviews provided whether the questions included: How are you managing your IT in a COS

environment? How do you govern your IT in a COS environment? How do you define IT/enterprise governance? Are your governance structures as currently

implemented working effectively? What do you believe the required or most effective

IT governance structures are in a COS environment?

Are we asking the right people (defining the structures)?

Of the 16 interviews conducted, few or none appears to have been with Board members. 4 of the 16 interviews were conducted with CIOs (average age 40 years), 1 with a Managing Director and 1 with “Director” Operations. The 10 remaining interviews were with managers whose average age was 35 years.

Average of work among interviewees experience was 10 years.

No objective criteria were provided by the authors regarding the selection of the initial 12 organizations, the eventual subset used of 5, or the choice of interviewees.

Are we asking the right questions (testing the hypotheses)? The authors conducted 741 surveys of

organizations they selected. Specific selection criteria were not provided.

118 valid responses (15.9%) were received from a variety of industries.

The contents of the survey were not disclosed. The survey was vetted by highly knowledgeable

faculty and graduate students not necessarily representative of the respondents.

The survey was not evaluated in terms of possible inherent survey bias or leading questions.

Are we asking the right people (testing the hypotheses)?

No information was provided by the authors on survey respondents except “The respondents included the Director of Management Information Systems, and Chief Information Officers, with good industry experience.” p.29

Propagating uncertainties

The four identified IT governance structures were combined into a higher order structure for purposes of statistical analysis. R2 ~ 98%

Based on the author’s calculations, this higher order structure explains about 20% of the observed variance in “management commitment”, “shared knowledge” and “flexible IT”.

These factors in turn explain about 50% of the variance in “internal process performance” which itself explains 24% of the variance in “customer service”.

Finally, “internal process performance” and “customer service explain 37% of the variance in firm level performance.

Unsupported statements

The emergence of Web 2.0 tools is having a profound effect on the nature and form of these alliance structures (p.1)

These alliances heavily depend on and make radical use of the IT resources in a collaborative environment (p.1)

Cooperative IT platforms will require different IT governance structures to monitor and manage the IT assets (p.6)

Organizations that collaborate can renew their collaborative competencies though innovative responses by appropriately adapting, integrating… organizational skills, resources and competencies (Teece et al., 1997). Dynamic IT governance structures are essential to achieving this outcome (p.7)

Unsupported statements

The recursive IT governance-related learning is an important catalyst for continued success of collaborative structures (p.8)

The proliferation of Web 2.0 resources mean that organizations’ engagement into collaborative alliances will grow exponentially (p.16)

Two IT related management capabilities [top management commitment, flexible infrastructure]… have featured prominently in the IT business value research.… Together, they constitute key IT-related business elements, and their sustainability will ensure appropriate business value of the acquired IT resources (p.19)

Analysis and Comments of Discussant It is well established that improvements in IT

governance, in a technology dependent organization, often lead to performance improvements at the organizational level.

It follows naturally that the same would apply to a COS, with possible adjustments required to account for the sharing of ownership, leadership and management.

Governance structures (as opposed to management methods and organizational design) need not be dynamic in a dynamic environment. In fact, argument could be made that governance must provide a stable framework for the dynamism of the organization to be expressed, but nevertheless effectively managed and controlled.

Analysis and Comments of Discussant To ascertain optimal governance structures in COS, if

such even exist, requires study of both successful and unsuccessful organizational alliances.

It also requires understanding the perspective of the owners of IT governance – the Board and Executive Management.

Operational management, including in many cases the CIO, manage and execute within a framework of IT governance but do not necessarily have insight into it.

Sampling bias, small sample size, possible survey bias, validation by the cognoscenti, inappropriate respondents reduce the value of this nevertheless worthwhile and interesting undertaking.

Future research

Focus on the theoretical basis of IT governance and how COS may affect its structure

Optimum IT governance structures Improved survey design including Board

members, vetted in advance by typical respondents

(As the authors suggest) longitudinal studies and determination of causation

Impact of pre-existing IT governance structures on the ease with which a COS can be created

IT control framework in a COS