Ruben Filipe de Sousa Pereira

A Maturity Model for Implementing ITIL v3

Information Technology Infra-structure Library (ITIL) is the most popular “best practices” framework for managing Information Technology (IT) services. However, implementing ITIL not only is very difficult but there also are no best practices for implementing ITIL. As a result, ITIL implementations are usually long, expensive, and risky. In this paper, we propose a maturity model to assess an ITIL implementation and provide a roadmap for improvement based on priorities, dependencies, and guidelines. We then demonstrate a practical application of the proposed model with a questionnaire to assess the ITIL Incident Management process that was evaluated in two real-world organizations.

Designing a New Integrated IT Governance and IT Management Framework Based on Both Scientific and Practitioner Viewpoint

IT Governance (ITG) has been recognized as a CIO top-10 issue for more than five years and has risen in priority between 2007 and 2009. There are several Frameworks to help organizations in ITG implementation but these lack scientific viewpoint, are complex, and also overlap each other. However, besides the existence of several frameworks to help organizations in ITG implementation, most organizations keep designing their own Framework. Such statements reinforce the possibility of improvements in the existing Frameworks. In this paper the authors make a literature review to leverage ITG Contingency factors, ITG general guidelines and main ITG and IT Management (ITM) areas in order to provide a scientific viewpoint validation. Therefore, they integrate their artefacts and propose a new integrated ITG framework. The authors then evaluate their artefacts with expert’s interviews so as to provide practitioner viewpoint validation and also map the authors’ artefacts with current theories. Finally, they conclude their research with main contributions and future work.

Towards an Integrated IT Governance and IT Management Framework

ITG has been recognized as a CIO top-10 issue for more than five years and has risen in priority between 2007 and 2009. Several Frameworks exist to help organizations in ITG implementation but lack scientific viewpoint, are complex, and also overlap each other. In this paper we make a literature review to leverage the ITG Contingency factors, ITG general guidelines and main ITG and ITM areas in order to provide a scientific viewpoint validation. Such artefacts are used to build an integrated ITG and ITM framework. We also evaluate our artefacts with experts interviews in order to provide practitioner viewpoint validation. Finally, we conclude our research with main contributions and future work.

IT Governance Mechanisms: A Literature Review

Nowadays information technology (IT) is present in all organizations. This pervasive use of technology has created a critical dependency on IT that calls for a specific focus on IT Governance (ITG). Organizations with effective governance have actively adopted a set of ITG mechanisms. However, ITG mechanisms are not well defined among the literature and in some cases there are incongruities in their definition. In this paper we intend to perform a literature review (LR) in order to elicit which are the main ITG mechanisms as well as to describe them and state what they are useful for. We finish our work with conclusion, contributions, limitations and future work.

A literature review: IT governance guidelines and areas

Lack of business/IT (BIT) alignment affects e-governance initiatives success. Information Technology Governance (ITG) has been recognized as a CIO top-10 issue for more than five years and has risen in priority between 2007 and 2009. Several Frameworks exist to help organizations in ITG implementation but lack scientific viewpoint, are complex, and also overlap each other. In this paper we make a literature review to leverage the ITG general guidelines and main ITG areas in order to provide a scientific viewpoint validation. We also evaluate our artefacts with experts interviews in order to provide practitioner viewpoint validation, and map our artifact with current theories. Finally, we conclude our research with main contributions and future work.

How to generalize an information technology case study

Case studies are a valuable way to look at the world around us and have been gaining special importance in the last years in the information technology area. However, some problems, as for example the lack of rigor or the dependency of a single case exploration, preclude case study generalization. Therefore, we propose to perform an extensive literature review about case study methodology, specifically in information technology domain, in order to leverage critical information about organizations, which should be present in all information technology case studies to enable their generalization and pattern matching. We end our research with limitations, contributions and future work.

Business/IT Alignment through IT Governance Patterns in Portuguese Healthcare

The pervasive use of technology in organizations to address the increased services complexity has created a critical dependency on information technology (IT) that calls to a specific focus on IT Governance (ITG). However, determining the right ITG mechanisms remains a complex endeavor. This paper uses Design Science Research and proposes an exploratory research by analyzing ITG case studies to elicit possible ITG mechanisms patterns. Six interviews were performed in Portuguese healthcare services organizations to assess the ITG practices. The goal of the authors is to build some theories (ITG mechanisms patterns), which will guide healthcare services organizations about the advisable ITG mechanisms given their specific context. The authors also intend to elicit conclusions regarding the most relevant ITG mechanisms for Portuguese healthcare services organizations. Additionally, a comparison is made with the financial industry to identify improvement opportunities. The authors finish the paper with limitations, contribution and future work.

IT Compliance Management Process Modeling Based on Best Practices Reference Models and Qualitative Data

IT is becoming pervasive in all organizations as well as regulatory compliance requirements are becoming increasingly pervasive and burdensome. Several IT frameworks, which have been criticized by many researchers, exist to help organizations to mitigate IT compliance issues. However, the majority of the organizations keep being reactive when dealing with IT compliance. The goal of this paper is to analyze the main IT frameworks and literature and propose to model the IT Compliance Management process. The main contribution of this paper is the model of the IT compliance management process based in both scientific and practitioner viewpoint. We used Design Science Research as research methodology to design our proposal, we also used the concept-centric methodology to perform our literature review, and finally we evaluate our proposal with experts interviews. We finish our paper with contributions, lessons learned and future work.

IT Governance Mechanisms Patterns

Information Technology (IT) has been used in large organizations since the 1950s, for internal and external purposes. The pervasive use of technology in organizations has created a critical dependency on IT that calls for a specific focus on IT Governance (ITG) that is essential to ensure the Business/IT alignment objectives. However, determining the right ITG mechanisms remains a complex endeavor. Therefore, we propose to perform an exploratory research and analyze several ITG case studies to elicit possible ITG mechanisms patterns used in specific organizational context. It should be noted that a pattern is something which describes a successful solution to a problem in a specific context. Our main goal is to build some theories (ITG mechanisms patterns) which we believe that will guide organizations about the suitable ITG mechanisms to implement. The research methodology adopted was Design Science Research. We finish our research with limitations, contribution and future work.

Formalization of the IT Audit Management Process

Audit is an independent activity that employs standardized methods to evaluate and improve the effect in the process of compliance and control in order to help the organization achieve its goals. Nowadays, the current audit management process is costly and requires a high effort since there is a high amount of resources and used assets needed. This happens due to the large number of regulations with which it is crucial to comply. However, there are several frameworks which bring uncertainty and complexity to an organization. We intend to analyze the most important frameworks, elicit the needed requirements and use them to formalize the IT audit management process. Our work is important since a formalization of the IT audit management process is still missing and organizations keep struggling with so many frameworks in the market. Thus, organizations can achieve an improvement in their audits performance and an improvement on the analyses of their internal controls and compliance requirements.