ISO 38500 is an international standard for IT governance. The guidelines of ISO 38500 can also be applied at the IT security functional level in order to guide the governance of IT security. This paper proposes the use of a strategic information security management (ISM) framework to implement guidelines of ISO 38500. This approach provides several strategic advantages to the organization by 1)...

This paper conceptualizes IT service management (ITSM) capability, a key competence of today’s IT provider organizations, and presents a survey instrument to facilitate the measurement of an ITSM capability for research and practice. Based on the review of four existing ITSM maturity models (CMMISVC, COBIT 4.1, SPICE, ITIL v3), we first develop a multi-attributive scale to assess maturity on an...

Today’s market environment requires companies to adapt to new business models and to improve their operational excellence in terms of process efficiency and organisational effectiveness. Agility and flexibility build on high-quality corporate data and powerful corporate data management. This paper proposes a framework for corporate data quality management. The structure of the framework consist...

Enterprise Architecture (EA) is a well-accepted, but relatively young discipline. Since most practices are in the early stages of maturity, our research is aimed to develop an assessment instrument to measure and improve the EA management function's ability to realize its goals. In this paper, we propose the Enterprise Architecture Realization Scorecard (EARS) and an accompanying method to disc...

Recent regulations in the United States (U.S.) such as the Sarbanes-Oxley Act of 2002 require top management of a public firm to provide reasonable assurance that they institute internal controls that minimize risks over the firm’s operations and financial reporting. External auditors are required to attest to the management’s assertions over the effectiveness of those internal controls. As fir...

The Minitrack “IT Governance and its Mechanisms” within the “Organizational Systems and Technology” Track is introduced at the HICSS conference in 2002. The goal of this Minitrack is to enhance publications on the issue of IT governance and its mechanisms. It is expected to get submissions from academics and practitioners involved in research on IT governance, Business/IT alignment, IT Balanced...

The paradigm of the Internet of Services envisions trade on a global service-enabled internet. Companies, which participate in this new world of services, face the challenges of changing market conditions, new competitive threats, and new legal regulations. Service-oriented Architectures (SOA) provide a promising way to address some of these challenges at the level of the company’s IT infrastru...

The market for software products offered as a service (SaaS) is growing steadily and has attracted suppliers from different segments of the global IT market. However, the use of the SaaS products brings a range of challenges, both in the organizational, cultural and technological areas. A difficulty that exists today is the lack of methods and models for assessing the quality of these products....