IT Governance Implementation Framework for Public Sector Organizations of Pakistan

Abstract

The use of Information Technology (IT) has become imperative for Public Sector Organizations (PSOs) to improve and sustain public service delivery and meet and extend other organizational objectives and strategies. This pervasive use of IT demands for a special focus on effective IT governance in these organizations. Consequently, effective IT governance practices need to be determined, implemented and sustained if these organizations want to encourage and achieve the desirable behavior in the use of IT. Nevertheless, IT governance is different in different organizational contexts and its implementation in PSOs is more complex than their private counterparts due to many reasons including complex intra and inter-organizational interactions & synergies, more bureaucracy & less managerial autonomy and more legal & cultural constraints etc. The PSOs in developing countries are even more challenging. Many generic frameworks, standards and tools are considered to be as best practices to implement IT governance in organizations but these have some inherent shortcomings towards the context of PSOs in a developing country. These frameworks are very generic, complex and expensive due to which these organizations may deem the practice daunting and unattainable. Therefore, a substitute framework to complement the inherent shortcomings of the existing frameworks towards the context of PSOs in a developing country is required to solve the problem. This study investigated and analyzed IT governance in Pakistani Public Sector Organizations (PakPSOs) in the context of a developing country and proposed a framework to implement effective IT governance in these organizations. The study was conducted into four phases. In the first phase, the existing state of IT governance in PakPSOs was determined and analyzed in terms of maturity through exploratory case studies of six organizations using 15 IT processes of COBIT and compared with a developed country, a developing country and the international public sector benchmark for learning, benchmarking and embracing best practices. The results indicated that the average maturity of 15 IT processes across six PakPSOs laid down between level 2 and level 3 of generic maturity model of COBIT. The process “Manage Data” demonstrated highest maturity whereas the process “Communicate Management Aims and Direction” showed lowest maturity. The results also indicated that PakPSOs performed better than a developing country and lower than a developed country and the international public sector benchmark. In the second phase, the relevant IT governance practices in PakPSOs were III identified and analyzed in terms of Critical Success Factors (CSFs) through exploratory case studies of eight organizations. The results revealed that 12 CSFs were found to be relevant to PakPSOs. In the third phase, the identified set of CSFs was validated in PakPSOs by testing and analyzing its statistical effect on IT outcomes through confirmatory study using sample data from PakPSOs. The results indicated that 11 CSFs demonstrated positive significant effect on IT outcomes. The CSF “IT/business communication and partnership” found to be most effective whereas the CSF “competitive IT professionals” found to be the least effective. In the fourth phase, the IT governance framework was developed and evaluated using design science research approach based on the results of the phase 3, more literature review and qualitative and quantitative opinions from PakPSOs. This resulted into a proposed framework for PakPSOs which consisted of effective IT governance practices in terms of CSFs, activities to implement these practices, suitable roles and appropriate IT resources to execute activities and operating environment in which it ought to be implemented. The proposed framework provides a holistic view of IT governance by not only covering five focus areas of IT governance i.e. strategic alignment, value delivery, risk management, resource management and performance measurement but also wrapping three perspectives of IT-business alignment i.e. human, social and intellectual perspectives. The results of the evaluation phase indicated that the framework proved to be useful. The study provides many practical and theoretical implications. From practitioners‟ perspective, the maturity benchmark can help the public managers in PakPSOs and similar environment to identify and improve weak areas and ultimately improve and sustain public service delivery. The identified set of CSFs can assist them to recognize limited areas where focus can be given for success. By understanding the relative importance of CSFs, they can improve their IT-related plans and prioritize limited resources accordingly. Both IT and business management personnel in PakPSOs can use the framework for planning, implementing and continuously improving IT governance in their business settings. From theoretical and academic perspective, the study fills the theoretical gap in the literature by explaining IT governance in the perspective of CSFs approach and broadens the scope of effective IT governance practices to the context of PSOs in developing countries. As compared to the other studies from the relevant literature, this study provides a holistic view of IT governance by covering both IT governance and IT-business alignment which lack in previous studies. The study strengthens the existing IT governance frameworks like COBIT, ITIL and ISO/IEC 38500 etc. The study also provides new avenues for future researchers who want to conduct research in the field of IT governance in PSOs of developing countries.