Critical Analysis of Information Technology Governance Frameworks

Critical Analysis of Information Technology Governance Frameworks

Owen Harvey Balocon

Polytechnic University of The Philippines Santa Rosa City Campus, Philippines

DOI: https://doi.org/10.51584/IJRIAS.2025.10020035

Received: 06 February 2025; Accepted: 12 February 2025; Published: 13 March 2025

ABSTRACT

This article aims to provide a description of the different information technology governance frameworks and analysis of their importance and relevance. IT governance frameworks provide the scaffolding of management of information technology in terms of people, business, and technology. These frameworks also provide alignment of the business with IT. The research delved into the five governing frameworks used in industries namely; Control Objectives for Information and Related Technology (COBIT), IT Infrastructure Library (ITIL), Val IT Framework, ISO/IEC 38500: Corporate Governance of IT, and the Calder-Moir Governance Framework.

The study used a descriptive type of research and utilized document analysis and literature review as the main methodology. The proponents gathered different articles, literature, and studies from credible sources of research repository and analyzed the statement and findings. The findings of the study reveal the importance and highlights of each governance framework, and how they can be utilized to better align the business and information technology. One of the findings of the study is that IT governance frameworks’ main goal is alignment of the business, providing value to IT assets, compliance with standards, considering all factors of the business process (people, process, and technology), and ensuring that information technology is well managed and governed. In the study it is also stated in every framework a conclusion of the studies researched. The conclusion provides more than the summary; it showcases the highlights, importance, and relevance to today’s IT and business operations. The study does not present the best framework to be used, nor a comparative analysis is shown, rather the study only describes each framework and analyzes its importance. The discussion of each framework showcased a better understanding than the theoretical explanation.

Keywords: IT Governance Framework, Control Objectives for Information and Related Technology (COBIT), IT Infrastructure Library (ITIL), Val IT Framework, Project Management Institute (PMI) Framework, ISO/IEC 38500: Corporate Governance of IT, Calder-Moir Governance Framework.

INTRODUCTION

Nature and Background of the Study

Information technology has been around for hundreds of years and has grown to different areas and branches such as software development, network administration, graphic design, web application, frameworks, etc. These constitute not only software but hardware and other technologies and infrastructure. With the growing number of technology, people who are now knowledgeable in this field, also considering the integration of business operations and technology. issues come to rise and challenges are now being faced in terms of its proper management and governance. The main question of companies is, how do we integrate our existing and future technology with the vision, mission and goals of our company?

Company goal alignment is very important in running a business or company. Majority of companies have their own human resource, accounting, sales, operations, and many other offices or departments. These departments contribute not only to the daily operations of the company, but also to the sales, performance, and success of the company as a whole. That is the reason why departments and offices must consider all the goals and missions of the company, be it long term or short term, aligned with their operations. This is also true and evidently needed in the field of information technology.

Aristotle was coined for saying, “The whole is more than the sum of its parts.” the goal of the information technology department must be aligned to the main goal of the company, it’s having a holistic view, a systematic approach in the operations of IT. For this reason, IT governance provides a framework that will provide solutions in aligning and integrating technology to attain a company’s goal and vision.

There are several known COBIT and ITIL IT governance frameworks and unpopular frameworks that exist in some companies. The purpose of this paper is to define and critically analyze these frameworks to understand their existence, purpose, and use to the company and organizations.

Objectives of the Study

The main objectives of this study is to identify the different information technology governance frameworks and provide conclusions on how these frameworks assist companies in aligning their objectives with information technology. Analysis shall be provided to each framework through literature and study review.

Scope and Limitations

The conducted research revolved in the discussion of different information technology frameworks and providing the researcher’s own understanding and insight of all collected reliable sources. The research seeks to understand the use of each framework by dissecting information provided. Also, a diagram or any graphical representation is presented for each governance framework. The study does not recommend the most efficient framework and did not develop a new governance framework.

Research Significance

Significance of study includes all members particularly the management of companies with  information technology departments or offices. The study will contribute to a better understanding of the use and benefits of governance frameworks. Also, the study shall provide benefit to researchers, students, and individuals who are pursuing their career in information technology management, as this will provide them new understanding and philosophy of how information technology management and governance are implemented.

METHODOLOGY

The study used descriptive design in collecting the needed information for the study. The study did not use sample population since the study used critical analysis through literature review. Literature or narrative review as defined by the University of Texas Library “is a comprehensive review and analysis of the published literature on a specific topic or research question” The researchers used literature review to analyze, dissect and comprehensively define each IT Governance Framework and from there provide a comprehensive conclusion. Each framework consists of five studies or literature and one conclusion.

RESULTS AND DISCUSSION

Defining Information Technology Governance

Information Technology Governance was defined by the IT Governance Institute as the ability of the governing body or the executives of the company to responsibly lead their organization that involves leadership, organizational structure and processes. The main goal is to align the support and operations of the information technology with the business’s goals, vision, and organizational strategy.

In reference to Haes, et al (2009) and Ross (2004), the authors have stated that information technology governance aligns IT with the business objectives of the company and it has been proven that alignment of IT and business objectives has a correlational effect in terms of company performance. Also, IT Governance directs all IT frameworks to be as easy as possible to understand, to be well designed, and to gain transparent mechanisms. With these effects, it is important that companies consider using IT governance frameworks in th operations, audit, and evaluation to achieve alignment of the objectives of the company as a whole and the information technology.

According to Weilll (2002), that information technology governance is highly efficient in aligning the businesses objectives. As businesses identify first the business culture, preferences, priorities, and limitations it is similar to what IT governance frameworks do – effective development, management, and usage of IT that is aligned to the business objectives and goals.

Control Objectives for Information and Related Technology (COBIT)

According to the study of Khter, R. A. And Othman, M. (2013), COBIT or Control Objectives for Information and Related Technology is a governance framework that enables directors, managers, and executives to bridge the gap of business requirements, risks and shifting the control to the stakeholders of the company. The framework harmonizes and provides stability to the company’s operation in utilizing information technology as it aligns with the business requirements. The simplicity of the COBIT framework is that all business requirements are used to acquire assets or investments in IT resources then used in the process (IT) which delivers enterprise information and lastly it responds to the business requirements, it is a loop or a cycle where IT resources are assured to target all the requirements and needs of the business.

In the study of Nugroho, H. (2014) The governance of information technology was discussed. According to him businesses must consider proper governance with information technology to successfully integrate IT with business. COBIT framework provides assistance and a comprehensive framework for the governance and management of information enterprise. IT Enterprise involves all sorts of technology from software, hardware, network, and everything that involves technology. COBIT framework enables the company to manage and direct information technology in achieving the goals of the company. The advantage of COBIT framework as stated in the study is that it is “generic and useful for enterprises” despite its size – major and micro companies and with or without IT departments.

COBIT has been upgraded throughout the year and the latest is COBIT 5. In their study Ndlovu and Kyobe (2016) described the new version as enterprise information centered and that the information technology governance framework applies to all levels of the business from operational, strategic, and executive. Also, the framework provides a proper view for the management to realize the benefits and consider the risks and identify the benefits of information technology in their businesses. The results of their study provided areas to consider when migrating to the COBIT 5 framework, namely; structure, people, managerial tasks, and technology. After identifying these areas companies must consider the migration approach to successfully implement the new framework. In summary of the results, it is important to consider the migration approach in integrating a new governance framework like the COBIT 5.

The framework has gained its popularity due to its straightforward approach. In the book entitled IT Governance based on CobiT 4.1 – A Management Guide by Koen Brand, Harry Boonen, they have provided information not only to the definition of COBIT, rather the users or target groups. According to the authors there are several target groups for the framework, namely; managers, security specialists, business consultant, IT process consultant, certifier, IT auditor, project manager, IT service manager, IT developer, quality controller, business process analyst, and end-user. These users will benefit mainly from the framework to better understand, assess, and manage the risks and realize the benefits of information technology. The framework also conveys results to the target stakeholders. With these results from the framework this could lead to the creation of new policies and good practice control of information technology.

To better understand the COBIT framework, figure no. 1 provides a detailed representation of COBIT from the study of Raodeo, V. (2012). It shows the five major areas of COBIT which are information, plan and organize, acquire and implement, deliver and support, and monitor and evaluate. Where all of these areas influence the use of the IT resources, each area has detailed indicators or called the “34-high level control objectives” that is used in measuring and monitoring the company’s information technology alignment with the goals and objectives. COBIT, according to the author, shows a strong auditing and control perspective.

Fig. 1 Control Objectives for Information and Related Technology (COBIT) Framework

Conclusion: Control Objectives for Information and Related Technology or COBIT plays a crucial role in governing information technology ensuring it is aligned with the goals and objectives of the company. Throughout the analyzed studies it is evident that COBIT focuses on ensuring that business needs are met through a cycle or loop. Also, the framework is a straight-forward and easy to understand tool for companies, also the reason why there are frameworks where COBIT was the basis and inspiration. It is also important to take into consideration that COBIT has multiple benefits and beneficiaries. With these advantages and benefits it is evident that COBIT has and can provide proper governance for companies, sustain the technology investments, and realize the risks and benefits of acquiring information technology.

IT Infrastructure Library (ITIL)

ITIL or Information Technology Infrastructure Library was first developed and published in the 1980’s this was explained by the authors Gervalla, M., Preniqi, N., and Kopaceck, P. (2018) The authors also provided that the ITIL governance framework had 3 versions being the version 3 the updated version having 5 books and 26 other operations. The ITIL framework is composed of 5 phases which are; (1) service strategy, (2) service design, (3) service transition, (4) service operation, and (5) continual service improvement. All of these phases are centered in one goal of the framework which is service strategy. According to the authors, the ITIL framework provides a holistic approach in governing information technology. Similar to other governance frameworks, the ITIL promotes sustainability, control and management to the organization. Additionally, the framework provided alignment with business and IT to be specific operating in the strategic level of the company. Lastly, ITIL focuses on service management and strategy, these services and strategies assist the company to plan out and assess the current status of their organization if they do realize that the organization’s information technology is aligned with the bigger goals and objectives of the company.

Service management is the heart of any business and organizations. ITIL revolves on this concept of assuring the best quality of service is provided. This is the highlight of the study of Tounsi, A., Sekhara, Y., Medromi, H. (2015) That ITIL is part of the IT service management and like other studies mentioned in this study, ITIL has five areas or service strategies. Tounsi, et al. Emphasized that ITIL provides indicators and practices which are generic and suits to all types and sizes of businesses or organizations. The framework provides a holistic view of an organization’s objectives, goals, operations, and interaction with stakeholders to the services it provides, especially in the field of information technology. In a nutshell, the ITIL framework was emphasized in this part of the study as a service management tool capable of leveraging the company’s alignment, service, planning and management.

After defining ITIL it is fitting to discuss the positive and negative implications of the framework and its relevance in the IT Governance community. In the study of Hamzane, I., Belangour, A. (2019), they have indicated some positive factors of the ITIL framework in companies are “time saving, cost reduction, defining more precise roles and responsibilities, better user satisfaction, better productivity/ efficiency, IT services of better quality, and adaptation to customer needs facilitated” the negatives are “very little known to the general public, there is a very little information on the Internet, and complex (an individual has to be an expert as it concerns the network, system, application, BD and have a global vision of the IS) The authors also identified criteria to score the ITIL and other nine governance framework the scoring involved the generally accepted level of maturity in IT governance, it shows that ITIL is optimized in IT Value delivery, and shows signs of managed in IT strategic alignment, risk management and performance measurement.

Governance frameworks are best explained when practices are implemented. According to Sebaaoui, S., Lamrini, M., Bouayad, A., Abbadi, L. (2019) ITIL was analyzed on how it can be best applied in enterprises, in one of their results they do recommend two ways first is based also on other studies and the other is based on experts’ suggestions. Based on the studies ITIL can be best implemented when offered to small companies, identification of general frameworks used in IT offices of major companies, propose a guide on how to implement ITIL, present a set of key performance indicators in successfully meeting the ITIL, and present a roadmap of the ITIL implementation. According to experts they do suggest that ITIL is best implemented in small to medium sized enterprises, propose a five-step approach to ITIL implementation, and present ITIL together with the best practices of the PMBOK framework.

Fig. 2. ITIL Governance Framework

Above is the diagram presentation of the ITIL framework based on the article written by Karl, T. (2023) in their official website, New Horizons. IT shows the ITIL version 3 framework where ITIL is at the center surrounded by service operations, service transition, service design, service strategy, and continual service improvement. IT shows how the ITIL framework prioritizes services above anything else. The diagram is not a linear process rather in circular motion that each must area must help to attain service quality with information technology.

Conclusion: The ITIL framework stands for Information Technology Infrastructure Library which stands on its main goal and that is to promote and preserve quality in service. The framework is composed of libraries which are under the five service areas of the framework. The framework which was developed in the 80’s has proven itself throughout the years from version 1-3 and now having a new version to be released according to authors. Though recommendations were provided that the framework is best for small to medium sized companies still it can operate in large and major firms. The framework has a long-standing history as one of the first IT governance frameworks similar to the ISO and CMMI. The framework is suitable to all companies despite its size and status. IT will always promote service and IT and business alignment.

Val IT Framework                                 

VAL IT is defined as a framework to realize the full potential of businesses in acquiring information technology materials. This is the definition provided by Kozina, and Popovic (2010) in his study about the VAL IT Governance framework, he also emphasized that the framework was made to align and compliment with the Control Objective for Information and related Technology (COBIT). According to him, the main goal of the VAL IT framework is to bring value to the company the IT related business investments. Since, VAL IT is related and aligned with the COBIT framework, it is important to understand that the framework answers the four major IT governance questions which are “Are we doing the right things”, “Are we getting the benefits?”, “Are we doing them in right way?”, and “Are we getting them done?” In his concluding paragraph, Popovic emphasized that COBIT identified the positive practices of the company and VAL IT identifies the company’s tangible and non-tangible value and benefits in acquiring information technology.

Val IT is defined by Suzangar, A., et al (2011) as providing value management principles and these principles give value to information technology investments in the business. VAL IT is composed of 3 domains, namely (1) Value Governance, means that a company ensures that value management is embedded in the practice of the institution, (2) Project Management, securing that the institution’s optimal value is aligned with the acquisition of information technology, and last (3) Investment Management, assuring that all acquired investment add value to the company and the desired output is acquired.

After defining the meaning and purpose of VAL IT, it is important to understand the relevance of VAL IT with IT Governance. In a paper authored by Mohd Ali (2020), the framework suggests that it holds the management by providing a roadmap and definition of the processes that should be followed or act a guide to follow by executive members of the company. Also, this (VAL IT) provides a clearer understanding for IT professionals to properly govern and add value to the investments of the company. The framework shows a clear and proven practice of providing a holistic approach of information technology governance. In overall the framework provides a direct link of valuing its investment in IT with the business.

In their article, Lombardi, et al (2015) explained the creation of value with information technology and with emphasis on the use of VAL IT in achieving it. Lombardi and co-authors stated that the governance framework provides guidance for organizations in identifying and implementation of information technology investments in realizing its long-term value. Additionally, VAL IT Framework provides an opportunity to companies to choose investments that possess high potential of value creation (as stated in the article). While companies value high potential of value creation it demonstrates wider possibilities of success in implementation, defining goals, and strengthening the company’s services.

To better understand the use of VAL IT Framework, Figure No. 3 shows the diagram as sourced from the official book of VAL IT of IT Governance Institute.

The framework is divided into three parts having the center the VAL IT framework. The first is the Research Part where benchmarking and empirical analysis can be identified, this part explains that continuous benchmarking and analysis of internal and external factors are practiced to identify the value of investing in information technology. The second part is the publications which includes technique guides and cases. This part provides avenue to companies to continually disseminate information through cases and guides, and the last part is the services in particular enterprise exchange and community influence. This last part shows hoe companies can better serve the community and exchange best practices. Looking at the framework’s diagram it  shows continuous development and loops of ideas and experiences being exchanged, with this the company realizes the value of the invested information technology. According to the book, the VAL IT aligns itself and “complements ITGI’s CobIT framework” where it delivers high quality IT related information.

Fig. 3 Val IT Governance Framework

Conclusion: The Val IT framework mainly focuses on the value creation of information technology by considering the three main parts of the framework. Additionally, the framework provides continuous exchange of ideas and information until value is realized by the company or organization. This framework is best suited for complex and big companies with the mechanism to apply all the areas stated in the framework. However, companies who are micro in status can still use the other parts provided that at the end realization of value is attained. All articles stated in this framework points out to value creation and realization of companies with information technology, but is is important to note that there are two versions of VAL IT Framework thaw was explained the first version discussed the three areas which are value governance, project management, and investment management, though the two versions have different perspectives and explanation still leads to value creation.

ISO/IEC 38500: Corporate Governance of IT

Based on the official site of IT Governance, the ISO/IEC 38500 Corporate Governance of Information Technology provides an international standard guide for governing IT for management. Also, the standard provides and informs directors of IT about efficiency and acceptable usage of IT in the company or organization. It has six principles, namely; (1) establish responsibilities, (2) plan to best support the organization, (3) make acquisitions for valid reasons, (4) ensure necessary levels of performance, (5) ensure conformance with rules, and (6) ensure respect for human factors. The framework had a straight forward implementation and definition which became the challenge for companies to comply, however other frameworks that evolved liked the calder-moir provided another way on how to comply with the ISO.

In the presentation of Feltus, C. (2008) It is explained that the primary objective of the ISO/IEC 38500 standard is to provide a framework of principles for directors to use when evaluating, directing, and monitoring the use of information technology (IT) in their organizations. A special portion from the presentation is defining the difference between governance and management. Feltus stressed out that these two are different. Management, according to him, are members of the governing body. Governance involves advising, informing, and assisting directors. Also, itt was stated that the framework was applicable to all organizations, despite their size, purpose, corporate structural design and ownership status. In summary of the presentation it can be interpreted that the main objectives of the standard is to assist and promote the positive effects of the framework by all members of the company’s stakeholders.

In a journal published by Almaawi, A., Alsagaaf, L., Fasihuddin, H. (2020), they have stated that the ISO/IEC 38500 started from the Standards Australia Committee IT-030 and was published in January 2005 then became ISO/ IEC 38500 by 2008. The framework’s name was from two organizations who developed and published the framework jointly, the ISO, meaning International Organization for Standardization and IEC meaning International Electrotechnical Commission. The framework had a main goal to assist the executive management of any company to understand, comply    with legal standards, regulations, and ethical obligations with aligning their information technology use. According to the authors and their references, the framework is designed to promote effective, efficient, and acceptable use of IT in organizations by 1) assuring stakeholders confidence in the organization’s IT Governance; 2) informing and guiding directors in governing the use of IT in their organization; and 3) providing a basis for objective evaluation of the corporate IT Governance

Before delving into the graphical representation of the framework, a better understanding of the terms used in this framework was provided by McGrath, S. (20XX). According to the author ISO stated the terms “Directors should”, It is a direct structure for organizations to apply the framework. Also on their study it is defined the word governance. It means the system by which organizations are directed and controlled. (Adapted from Cadbury 1992 and OECD 1999). With this definition, it creates a new meaning for executives that the corporate governance of IT is a “…system by which the current and future use of IT is directed and controlled. Corporate governance of IT involves evaluating and directing the use of IT to support the organization and monitoring this use to achieve plans. It includes the strategy and policies for using IT within an organization” A graphical representation and explanation of the ISO/IEC 338500 is well presented by Brohi, et al (2011) see Figure 4.

Fig. 4 ISO/IEC 38500 Framework

ISO/IEC 38500 revolves its main core in the tree responsibilities of the management which are evaluating, monitoring, and directing. Evaluating involves setting targets. Executive management tends to use strategic planning as the official tool in doing so, however the framework considers the business pressures and business needs. Next is the monitoring. Monitoring deals with the measurement of the technology’s performance versus the company’s targets and goals. This part monitors the operational level of the organization if the outcomes are aligned with the target of the company, during this phase the board of the company is not in direct contact with the operational level thus leaving the responsibility to monitor it to the management. Last is directing. Directing is used in this framework as a measurement related to the possible deflection from the perceived targets. During this stage or part of the framework it involves realigning the operations of the team with the goals of the company, still there is no direct involvement from the board as it will have a violation.

Conclusion:  It is evident that ISO/IEC became the pattern and scaffolding of all other frameworks. It focused on three areas; direct, evaluate, and monitor. The framework valued the alignment of information technology and compliance with internal and external factors mainly because it produces the successful operations of the company. Also, in some of the studies governance and management is defined not as a different entity, but interconnecting. The definition of governance provide an understanding of how IT governance works which is evident in all the studies researched. IT Governance in ISO/IEC is all about directing, evaluating, and aligning information technology with the business. Several frameworks steamed out from the ISO/IEC   38500 one of which is the Calder-Moir Framework which has been used by major and micro companies.

Calder Moir Governance Framework

In the official website of IT Governance an IT company based in Europe, the Calder-Moir framework is defined as a governance framework that was built to design and to assist companies with overlapping and competing frameworks available and standards. Also, the another goal of the framework is to dispense the most efficient practice contained in the international standard for IT governance and ISO/IEC 38500.

Calder-moir framework was defined by Chevauche (2019) as a “straightforward tool” to assist the organizations in applying the methods of ISO 38500 standard for IT governance. Chevauche also stated that the Calder-Moir does not provide a new solution rather it is a collection of all the frameworks available, the Calder-Moir addresses the components of businesses such as the management, people, operations, and technology providing an “end-to-end” solution for the company. Because the framework addresses all facets of the company this provides a harmonious process for the IT community within the company.

The Calder – Moir as explained by Chevauche is a two-part hexagon shaped framework which is divided to plan and check. Figure No. 5 provides the explanation by the author. The upper part provides the decision and planning process of the company and the bottom part is creating the capabilities that lead to the delivery of business and services by the use of information technology. Starting at 9 o’clock from the upper part and rotating in clockwise is the process or flow of the framework. Each turn must be checked in each layer if itr adheres to the ISO/IEC 38500. That is the reason why the Calder-Moir framework is a Plan-do-check process as emphasized by the author.

Fig. 5 Calder Moir Governance Framework

In a similar vein, Calder-Moir was defined by Tarantino (2008) in his book as a tool to understand the competing IT governance frameworks. Similarly with other tools of information technology, business and government requirements it creates confusion and overwhelming information for executives, the Calder Moir framework provides an avenue to understand these different frameworks, get the most out of each framework that yields in the contribution of the success of the company. In summary, the Calder Moir becomes a framework of all framework considering the needs of the company as its top priority.

One of the best definitions of the Calder-Moir framework was stated by the developers itself, in the book entitled, “IT Governance Pocket Book”, Allan Calder (2007) stated that the framework is not a new solution rather a process of organizing tools and issues that revolve in different frameworks, the Calder Moir also gives tools to executives to better understand and support the board of the company. The framework has an end-to-end process for each of the 5 stages which complies with the ISO/IEC 38500. The framework starts with the planning and identifying the business strategy ending with the IT solutions and operational support that aligns with the attainment of the business strategy.

As reviewed by Biagi (2022), the Calder-Moir framework provides a design or approach to combine the overlapping the frameworks and standards by providing the best practice in accordance to the ISO/IEC 35800. It is also founded that according to Mr. Calder that there is no one standard framework used in businesses therefore the Calder-Moir framework was proposed. The outcome of the framework was describing the business goals, alignment of information technology, expected outcomes, and needed to achieve the goals of the company, and the resource implications.

Conclusion: The Calder Moir framework’s definition has been similar throughout the lense of different authors, as stated by Mr. Calder the main proponent of the framework the calder-Moir is not a new solution rather a design on how the different competing and complex IT governance frameworks could work together to address the needs and alignment of business goals to the support and operations of information technology. Other authors have also the same theme as they have explained the use of calder-moir framework, a tool to assist companies to align their goals and objectives while adhering to the international standards organization.

CONCLUSION

Information Technology governance frameworks has been explained by the studies and literature as a guide and somehow becomes a template for companies and organizations on how they could better utilize their existing and future technologies as assets and investments in achieving their goals and targets. One of the major issues or challenges that companies face is identifying the proper management and governance strategy for the people and operations. There are many management theories, management frameworks, and tools that are available in the market, which makes companies overwhelmed to which framework is the best and suitable for them. The same is true for information technology governance frameworks with the emerging solutions provided by large tech companies, the thought of the later question remains the same, What IT governance framework suits my company? The answer lies in the priorities, size, services, products, and goals of the company.

Five major governance frameworks have been presented in this study and all of them point out one goal, – alignment of information technology investments with the business goals and targets. ISO/IEC 38500 has provided the major framework that has become the inspiration for other frameworks such as the Val IT The ISO/IEC 38500 assures that all factors of the company and its operations are working to get her and assuring information technology is aligned with the company’s operations, considering the external and internal pressures. COBIT presents an idea of considering information technology from planning to execution and monitoring of company still aligning It to the company goals and objectives. Meanwhile ITIL focuses more on the service of IT can provide to the company, more than the objectives is the strategy. Lastly Calder Moir gives an overview of handling risk management, business operations and strategy that aligns with the ISO/IEC 38500

With all of the explanation and analysis done, this study therefore concludes that information technology governance framework is more than aligning itself with the company’s objectives it is all about identifying the strategies and considering all parts of the operations and how investing in information technology will help the company in solving issues and challenges. It also provides a futuristic view of the company’s long-term solutions and long-term objectives.

REFERENCES

1. Almaawi, A., Alsaggaf, L., Fasihuddin, H. (2020). The Application of IT Governance Frameworks in Saudi Arabia: An Exploratory Study. Volume 176. No. 30. International Journal of Computer Applications.
2. Biagi V, Russo A. Data Model Design to Support Data-Driven IT Governance Implementation. Technologies.2022;10(5):106.https: //doi.org/10.3390/technologies10050106
3. Brand, K., Boonen, H. (2007). IT Governance based on CobIT4.1.  A Management Guide. ISBN: 978 90 8753 116 4. page 23.
4. Brohi, K., Mokhtar, S., Korejo, I. (2011). Validating and assessing IT Objectives towards the development of an IT governance Assessment Framework (ITGaF). Journal of Information and Communication Technology. Vol. 5, No. 2. Pages 40-51.
5. Calder, A. (2007). IT Governance Pocket Guide. IT Governance Publishing.
6. Chevauche, v. (2017). #Framework Calder-Moir IT Governance. LinkedIn. URL: https://www.linkedin.com/pulse/framework-calder-moir-governance-vincent-chevauch%C3%A9
7. Enterprise Value: Governance of IT Investments the Val IT Framework 2.0. IT Governance Institute. Page 6.
8. Feltus, C. (2008). Introducing ISO/IEC 38500: corporate Governance in ICT. https://www.researchgate.net/publication/ 228783683
9. Gervalla, M., Preniqi, N., Kopacek, P. (2018). IT Infrastructure Library (ITIL) framework approach to IT Governance. IFAC Papers Online Conference Paper Archive.
10. Hamzane, I., Belangour, A. (2019). Implementation of a decision system for a suitable IT governance framework. Vol. 17, No. 5. 2019. International Journal of Computer Science and Information Security.
11. ISO/IEC 38500 International Standard for Corporate Governance of IT (IT Governance). IT Governance.
12. IT Governance Institute, Board Briefing on IT Governance – 2nd Edition, California, 2003. [Online]. Available: https://eventosfehosp.com.br/2017 /material/sao_paulo/ti/jose/ITGI-Instrucoes-de-Governanca-de-TI-para-a-Alta-Administracao.pdf
13. Information Technology Governance (n.d.). The Calder – Moir IT Governance Framework. https://www.itgovernance.co.uk/ calder_moir.
14. W. Ross and P. Weill, IT Governance How Top Performers Manage IT Decisions Rights for Superior Results, Harvard Business School Press, Jun. 2004. [Online]. Available: https://www.researchgate.net/publication/ 236973378_IT_Governance_How_Top_Performers_Manage_IT_Decision_Rights_for_Superior_Results.
15. Khther, R. A., & Othman, M. (2013). Cobit Framework as a Guideline of Effective IT Governance in Higher Education: A Review. International Journal of Advanced Information Technology/International Journal of Information Technology, Convergence and Services, 3(1), 21–29. https://doi.org/10.5121/ijitcs.2013.3102
16. Kozina, M., & Popovic, D. (2010). VAL IT framework and ICT benefits. In Central European Conference on Information and Intelligent Systems (p. 221). Faculty of Organization and Informatics Varazdin.
17. Lombardi, R., Giudice, M., Caputo, A., Evangelista, F., Russo, G. (2015). Governance and Assessment Insights in Information Technology: the VAL IT Model. Journal of the Knowledge Economy. Vol. 7, pgs. 292-308.
18. Mohd Ali, B. A. (2020). Principles of VAL IT. http://dx.doi.org/10.2139/ssrn.3696932
19. Ndlovu, S., Kyobe, M. (2016). Challenges of COBIT 5 IT Governance Framework Migration. International Conference on Information Resources Management.
20. Nugroho, H. (2014). Conceptual Model of IT Governance for Higher Education Based on COBIT 5 Framework. Journal of Theoretical and Applied Information Technology.
21. Weill and R. Woodham, “Don’t Just Lead, govern: Implementing Effective IT Governance,” SSRN Journal, 2002, doi: 10.2139/ssrn.317319.
22. D. Haes and W. V. Grembergen, Enterprise governance of information technology: Achieving strategic alignment and value, Boston, MA: Springer, 2009, doi: 10.1007/978-0-387-84882-2.
23. Sebaaoui, S., Lamrini, M., Bouayad, A., Abbadi, L. (2019). Design of an ITIL Implementation Model in a Company. IOSR Journal of Computer Engineering. Vol. 21, No. 3, S. 11.
24. Suzangar, A., Kalantarian, M., Nasher, S., Kajbaf, M., Madani, N. (2011). Optimizing Information Technology Value Governance Framework Based on Val IT. ICIME 2011 – Proceedings of the 2nd International conference on Information Management and Evaluation.
25. Tounsi, A., Sekhara, Y., Medromi, H. (2015). IT Governance: Integration of Multi Agent’s Systems in the framework ITIL’s Processes. Vol. 5, Issue 4.
26. Tarantino, A. (2008). Governance, Risk, and Compliance Hanbook. John Wiley and Sons, Inc., Hoboken, New Jersey.
27. Taylor, K. (2023). What is ITIL Foundations?: A Complete Guide. New Horizons Official Site. https://www.newhorizons.com/ resources/blog/what-is-itil-foundation
28. University of Texas Library. What is a Literature Review? What is a literature review? – Literature Reviews – LibGuides at University of Texas at Austin (utexas.edu)