Practitioner Factors in Information Technology Governance

Journal of Administrative Sciences and Technology

Download PDF  | Download for mobile

Wil Ly Teo1, Azizah Abd Manaf1 and Phyllis Lai Fong Choong2

1Universiti Teknologi Malaysia, Malaysia

2Multinational High-Tech Company, Malaysia

Volume 2013 (2013), Article ID 167294, Journal of Administrative Sciences and Technology, 12 pages, DOI: 10.5171/2013.167294

Received date : 14 February 2013; Accepted date : 1 March 2013; Published date : 25 June 2013

Academic editor: Alexandra Ionescu

Cite this Article as: Wil Ly Teo, Azizah Abd Manaf and Phyllis Lai Fong Choong (2013), "Practitioner Factors in Information Technology Governance," Journal of Administrative Sciences and Technology, Vol. 2013 (2013), Article ID 167294, DOI: 10.5171/2013.167294

Copyright © 2013 Wil Ly Teo, Azizah Abd Manaf and Phyllis Lai Fong Choong. Distributed under Creative Commons CC-BY 3.0

Abstract

Past research in information technology (IT) governance has shown that strong IT governance results in improved business performance. Despite widespread acceptance that IT governance is important, there are limited studies focusing on IT practitioners in IT governance initiatives. This study aims to examine the extent of commitment, awareness, perceived importance and competency in influencing IT practitioners’ participation in IT governance initiatives. Data analysis using Partial Least Squares reveals that awareness, perceived importance and competency have positive influence on participation in IT governance. However, commitment is not a significant predictor of participation in IT governance. The practitioner-centric approach taken by this study adds knowledge to the existing IT governance literature from organisational perspective. The findings from this study help IT management identify focus areas in increasing to maximise participation of IT practitioners in IT governance initiatives.  

Keywords: IT governance, practitioner-centric, partial least squares (PLS).

Introduction

Governance generally refers to the act or process of governing and it deals with authoritative direction or control. Authoritative direction over usage of information systems (IS) or information technology (IT) is not a new concept. However, new terms and concepts emerge as business and technology continue to develop.

The term “IT governance” surfaced in the early 1990s. The term was used by Loh and Venkatraman (1992) and Henderson and Venkatraman (1993) to describe the mechanisms for attaining necessary IT capabilities. A more recent term “corporate governance of IT” (ISO/IEC, 2008) reflects the growing acceptance that business is accountable for return of IT investments. In this study the term “IT governance” is used synonymously as “corporate governance of IT”.

Definitions of IT Governance

There are different views as to what IT governance means. Grembergen (2002) uses the term IT governance to describe “the organisational capacity exercised by the Board, executive management and IT management to control the formulation and implementation of IT strategy and in this way ensure the fusion of business and IT.”

IT Governance Institute (ITGI) defines IT governance as “the responsibility of the board of directors and executive management and is an integral part of enterprise governance and consists of the leadership and organisational structures and processes that ensure that the organisation’s IT sustains and extends the organisation’s strategies and objectives” (ITGI, 2003).

IT governance, according to Weill and Ross (2004) is “specifying the decision rights and accountability framework to encourage desirable behaviour in the use of IT”.

According to ISO/IEC 38500:2008, “Corporate Governance of IT is the system by which the current and future use of IT is directed and controlled. Corporate governance of IT involves evaluating and directing the use of IT to support the organisation and monitoring this use to achieve plans. It includes the strategy and policies for using IT within an organisation.”

Despite the diversity in definitions of IT governance, the common elements are strategic alignment, delivery of business values, risk management, resource management and performance management. These are consistent with the scope of IT governance defined by ITGI (2003).

ITGI (2003) emphasises that the board of directors and executive management are responsible for IT governance. Although accountability for IT governance cannot be delegated (ISO/IEC, 2008), management makes operating decisions (Sohal and Fitzpatrick, 2002) to drive IT governance initiatives. These initiatives are cascaded down to the execution level to achieve IT governance goals.

Research Objectives

While most of past IT governance studies are conducted at the organisational level with respondents from the top management of IT and business, this study takes on the perspective of IT practitioners.

Dixon (2002) views IT practitioner as “someone who designs, develops, operates, maintains, supports, services, and/or improves IT systems, in support of end-users of such systems”. The scope of work of IT practitioners covers a range of IT functions throughout Information System lifecycle, namely strategy and planning, management and administration, development, implementation, and service delivery.

This study aims to examine the extent of the following factors influencing IT practitioners’ participation in IT governance initiatives:

1.Commitment to participate in IT governance initiatives

2.Awareness of IT governance

3.Perceived importance of IT governance

4.Competency to participate in IT governance initiatives

Literature Review

Participation in IT Governance Initiatives

Past literature has pointed out that IT governance is ultimately the responsibility of the board (ITGI, 2003, Kakabadse and Kakabadse, 2001, Weill and Ross, 2004). There had also been various studies about importance of active alignment between business and IT (Luftman, 2003, Weill and Ross, 2004, Haes and Grembergen, 2009).

Unfortunately, there had been less focus on participation of IT practitioners to make IT governance initiatives successful. As IT practitioners is the focus of this study, their participation in IT governance initiatives require further study.

Commitment to Participate in IT Governance Initiatives

Ali and Green (2012) argue that in the IT governance context, commitment is related to culture of compliance leading to effective IT governance. Organisational commitment and professional commitment will be discussed.

Past research has proposed many ways of conceptualising and measuring organisational commitment (Meyer and Allen, 1991, Mowday et al., 1982, O’Reilly and Chatman, 1986). As an attitude, Mowday et al. (1982) defined Organizational Commitment as an individual’s identification with, and willingness to embrace organisational goals. This perspective of organisational commitment reflects the employee’s emotional attachment to the organisation (Mowday et al., 1982).

Although there is lack of agreement on the definition of commitment, its dimensionality, how it develops and affects behaviour, recent research suggests that commitment incorporates three key dimensions: affective, continuance, and normative commitment (Meyer and Herscovitch, 2001).

According to Meyer and Allen (1991) affective commitment is “an employee’s emotional attachment to, identification with, and involvement in the organisation”. Continuance commitment is defined as “an employee’s perceived costs of leaving the organisation”, while normative commitment is “an employee’s obligation to remain in an organisation” (Meyer and Allen, 1991).

Organisational commitment has been studied in IS studies from different perspectives. Basu et al. (2002) examined the link between organisational commitment and strategic planning success. Oz (2001) found that IT practitioners not only have higher organisational commitment than those in other professions, but are also more ethical in providing professional opinion. More recently, Bryant et al. (2007) applied this concept of organisational commitment to study the link with peer mentoring among IT practitioners.

Employees’ commitment increases their responsibility to enhance governance of IT (Feltus et al., 2009). More recently Bradley and Pratt (2011) found that level of commitment of employees has an indirect influence on IT governance and risk management. Therefore, organisational initiatives such as IT governance should consider the influence of organisational commitment.

Occupational commitment and professional commitment are similar in the sense that they involve groups of people across organisations with specific occupational mastery (Blau, 1999). The professional commitment construct is defined as “one’s attitude towards one’s profession or vocation” (Blau, 1985, Blau, 1999). Because IT practitioners are knowledge workers with strong levels of autonomy, expertise and self-regulation (Blau, 1999, Mills and Moshavi, 1999), the concept of professional commitment is more suitable for this study compared to occupational commitment.

Professional commitment is likely to be positively related to organisational citizenship behaviours because employees perceive extra-role activities as an effort to improve their professional capabilities (Bryant et al., 2007). Organisational citizenship behaviours are expected to contribute positively to overall organisational effectiveness, and therefore should be considered when executing organisational initiatives such as IT governance.

H1: Commitment to participate in IT governance initiatives has positive relationship with participation in IT governance initiatives.

Awareness of IT Governance

According to Weill and Ross (2004), most senior executives in top-performing companies clearly understand and are able to describe their IT governance. In fact, Weill and Ross (2005) claimed that senior management awareness of IT governance is a good indicator of its effectiveness.

Awareness is an important aspect of IT governance (Yap et al., 2010). In the recent ISACA survey of 843 IT professionals in the Asia Pacific region, increasing awareness among employees is rated as the most important action to improve IT risk management which is one objective of IT governance. Improving coordination between IT risk management and overall enterprise risk management and increasing use of best practices and frameworks came a distant second and third respectively (ISACA, 2012).

Endsley (1995) defined situational awareness as “the perception of elements in the environment within a volume of time and space, the comprehension of their meaning, and the projection of their status in the near future”. The situational awareness model has applicability in complex systems like businesses that are supported by IT/IS (Lee et al., 2003, Endsley, 2001).

To ensure the success of IT governance initiatives in the organisation, awareness of IT governance should be cascaded down from direction setters to decision-makers and finally down to the execution level. Although Yap et al. (2010) found that awareness is not necessarily translated to practice, this study argues that having an awareness of IT governance helps the IT practitioner relate what he/she does in the execution of his/her job responsibilities to the bigger picture of organisational IT governance goals.

H2: Awareness of IT governance increases participation in IT governance initiatives.

Perceived Importance of IT Governance

Perceived importance refers to the perception of the degree of importance of IT governance to the IT practitioner. Robin et al. (1996) theorised that the perceived importance of an issue will have an effect on an individual’s judgment on the issue.

In the study of ethics in information system, (Leonard et al., 2004) found that individuals who rated an issue high in perceived importance were less likely to behave unethically. Other studies on ethics have also found influence of issue characteristics on ethical judgment (Banerjee et al., 1998, Robertson et al., 2002, Al-Rafee and Cronan, 2006). Furthermore Pranish (2012) argued that perceived importance is important for analysing the gap with competency in IT skills so that necessary actions are taken to close the gap.

Based on past literature, perception of the degree of importance of the issue affects behaviour towards the issue. Therefore, perceived importance of IT governance to the practitioner influences his/her behaviour towards IT governance initiatives.

H3: Perceived importance of IT governance positively influences participation in IT governance initiatives.

Competency to Participate in IT Governance Initiatives

According to Le Deist and Winterton (2005), task execution, problem solving and judgment of results in a way that is goal-oriented, appropriate, methodological and independent require domain competence.

Willcocks et al. (2006) listed IT governance as one of nine core IT capabilities. Capability in their viewpoint crosses beyond the human resource-based skills. At the top level, this capability is required to accomplish integration of IT effort with business purpose and activity.

Implementation of effective IT governance requires all IT team members to have adequate and appropriate skills to fulfil their specific role. (National Computing Centre, 2005). Al Omari et al. (2012) emphasises the importance of sufficient competencies for effective IT governance, but found that IT auditors themselves lack the necessary skills and competencies in IT governance areas.
Competency to participate in IT governance initiatives is an important aspect. Adapting from the concept of self-efficacy in IS (Bandura, 1986, Compeau and Higgins, 1995), competency is the judgment of one’s ability to fulfil their specific role in IT governance.

H4: Competency in IT governance results in greater participation in IT governance initiatives.

The research framework is shown in Fig. 1 along with variable names.

167294-fig-1

Fig. 1: Research Framework

Research Design and Methodology

Population and Sample

The sampling frame consisted of IT practitioners in Malaysia according to the definition of Dixon (2002). Due to the limitation of not having a national registry of IT practitioners, purposive sampling was used to solicit potential respondents from Multimedia Super Corridor (MSC) status companies in Cyberjaya, Malaysia.

MSC is an initiative by the Malaysian government to promote development of IT in the country. Organisations with MSC status develop IT product, provide external IT services company or are internal IT service providers to organisations of various industries. These organisations are concentrated in MSC zones throughout the country. Cyberjaya, one of the MSC zones has the highest concentration of organisations, is located in the suburbs of Kuala Lumpur, the capital of Malaysia.

Eligible respondents received e-mail invitations to the online survey website. Out of 198 invitations, 167 valid responses were received representing response rate of 84%, which is very good as suggested by Babbie (1990). The high response rate was expected because respondents had agreed to participate during survey sign-up.

Non-response bias was checked based on the assumption that characteristics of non-respondents are similar to late respondents as suggested by Armstrong and Overton (1977). Independent samples t-test confirmed that none of the demographics are statistically significant (p > 0.05, two-tail tests) therefore suggesting that non-response bias might not exist.

Measurement Instrument

Perceptual measure of the variables in this study was employed. The instrument for organisational commitment was adopted from Allen and Meyer (1990) with eight items each for affective, continuance and normative commitment. Professional commitment was measured using a five-item questionnaire Blau (1999). The questionnaire was designed with five-point Likert scale to measure the multi-item constructs (1 = strongly disagree and 5 = strongly agree).

Respondent Profile

Majority of respondents have job functions in the area of application (40.7%) and infrastructure (30.5%). A small number of them are in project management (10.2%) and service management (12.0%). The remaining have cross-functional job functions.

Most respondents have bachelor degree 86.2%), while remaining have education level lower (6.0%) or higher (7.8%) than that. They mainly studied IT and related majors (86.8%) with only a small number with non-IT related majors (4.8%). The remaining had a mixed education background.

Certification is relatively widespread, with nine out of ten respondents having one or more certifications. However, IT governance certification is rare (1.8%). Project management, service management and security certifications constitute 53.9% while other certifications constitute 34.7%.

The respondents represent a relatively young IT workforce with majority within the 10-year experience band (87.4%). Respondents with 2-5 years of work experience constitute the largest group (34.7%), followed by those in the 5-10 years category (28.1%). Overall, the different experience levels are adequately represented.

Data Analysis Using Partial Least Squares

Partial Least Squares (PLS) was selected for this study for three reasons. Firstly, the research objective is oriented towards prediction rather than parameter estimation and goodness-of-fit, hence PLS approach is more suitable (Chin et al., 2003). Secondly, PLS places minimal demand on measurement scales, and distributional assumptions (Chin et al., 2003, Marcoulides et al., 2009).

Finally, PLS is able to handle both reflective and formative constructs. Although PLS path modelling algorithm requires that every latent variable has at least one manifest indicator, second order constructs in this research are possible using repeated-indicator approach (Wold, 1982, Lohmöller, 1989).

The software used for data analysis is SmartPLS Version 2.0 M3 (Ringle et al., 2005). A two-step analysis approach as suggested by Anderson and Gerbing (1988) was adopted to analyse the data.

Results

Assessment of Measurement Model

Recommended value of 0.6 for outer loading (Chin et al., 1997) was used. After removing items due to poor outer loading and cross-loading, average variance explained (AVE) and composite reliability (CR) were calculated. The results are shown in Table 1.

Table 1: Average Variance Explained (AVE) and Composite Reliability (CR)
167294-tab-1

All CR values were 0.7 or higher, indicating adequate convergence or internal consistency (Gefen et al., 2000), hence reliability was established.

Convergent validity was established based on all AVE values exceeding 0.5 (Fornell and Larcker, 1981). Table 2 shows latent variable correlation. Diagonals in the table represent AVE while the off-diagonals represent square of correlations. Discriminant validity was established based on AVE of all latent variables higher than the squared correlations between the latent variable and all other variables (Chin, 2010, Chin, 1998, Fornell and Larcker, 1981).

Table 2: Latent Variable Correlation


167294-tab-2

Common Method Variance (CMV) was tested using Harman’s single factor test (Podsakoff et al., 2003). Using Exploratory Factor Analysis (EFA) with unrotated principal components factor analysis, none of the factors explained the majority of the variance, therefore CMV was not significant.

Assessment of Structural Model

After establishing reliability, validity and absence of common method variance, the structural model was evaluated using bootstrapping procedure with 500 iterations. To test hypotheses H1 to H4, the paths of commitment to participate in IT governance (COMM  PPAR), awareness of IT governance (PAWN  PPAR), perceived importance of IT governance (PPCI  PPAR) and competency to participate in IT governance initiatives (PCOM  PPAR) were examined. The results are shown in Table 3.

Table 3: Path Coefficients and Significance


167294-tab-3

Awareness of IT governance (β = 0.207, p < 0.05), perceived importance of IT governance (β = 0.294, p < 0.01) and competency to participate in IT governance initiatives (β = 0.342, p < 0.01) have positive relationship with participation in IT governance initiatives. Therefore hypotheses H2, H3 and H4 are supported. These three factors explain 48.2% of the variance.

However, commitment to participate in IT governance (β = 0.060, p > 0.05) is not a significant predictor of participation in IT governance. Therefore hypothesis H1 is not supported.

Discussion

Consistent with prior literature, awareness, perceived importance and competency are positively related with participation in IT governance initiatives.

In contrast with theory, commitment is not a significant predictor of participation in IT governance. The findings suggest that some sort of behavioural control is present, meaning that participation is not entirely voluntary.

Contribution

The IT practitioner perspective taken in this study adds knowledge to the existing IT governance literature from organisational perspective.

The findings from this study help IT management to identify areas of focus to maximise effectiveness of IT governance initiatives through participation of their IT staff.

Implications

Promotion of IT governance awareness should be given high priority. The management should also take steps increase perceived importance of IT governance among members of IT team. These could be done through interventions (e.g. training, marketing campaign) targeted at IT practitioners.

Once adequate level of awareness and perceived importance of IT governance is attained, the management should build competency so that their team members are competent in IT governance and contribute to these initiatives in the organisation.

Continuous commitment from management is needed. IT governance is usually a long and arduous journey. Without continuous commitment, such initiatives are not sustainable.

Limitations and Suggestions for Future Research

Due to the nature of the population where no register of IT practitioners is available, purposive sampling is used. Purposive sampling is a non-probability technique which limits generalisability.

This limitation is mitigated to some extent through representativeness of the sample because demographics of respondents is comparable to the workforce demographics of MSC-status companies. Generalisability to organisations having very different organisational context as these MSC-status organisations should be done with caution.

This study assumes participation in IT governance initiatives is voluntary. Organisations with specific IT organisational structures and processes for IT governance initiatives will introduce mandatory settings in which behaviour of participation is controlled. Future IT governance research on IT practitioner could consider these additional factors of management guidance.

References

Ali, S. & Green, P. (2012). “Effective Information Technology (IT) Governance Mechanisms: An IT Outsourcing Perspective,” Information Systems Frontiers, 14 (2), 179-193.
PublisherGoogle Scholar

Allen, N. J. & Meyer, J. P. (1990). “The Measurement and Antecedents of Affective, Continuance, and Normative Commitment,” Journal of Occupational Psychology, 63, 1-18.
PublisherGoogle Scholar

Al Omari, L., Barnes, P. H. & Pitman, G. (2012). “An Exploratory Study into Audit Challenges in IT Governance : A Delphi Approach,” Symposium on IT Governance, Management and Audit (SIGMA2012). Universiti Tenaga Nasional, Malaysia.
PublisherGoogle Scholar

Al-Rafee, S. & Cronan, T. P. (2006). “Digital Piracy: Factors that Influence Attitude toward Behavior,” Journal of Business Ethics, 63 (3), 237-259.
PublisherGoogle Scholar

Anderson, J. C. & Gerbing, D. W. (1988). “Structural Equation Modeling in Practice: A Review and Recommended Two-Step Approach,” Psychological Bulletin, 103 (3), 411-423.
PublisherGoogle Scholar

Armstrong, J. S. & Overton, T. S. (1977). “Estimating Nonresponse Bias in Mail Surveys,” Journal of Marketing Research, 14, 396-402.
PublisherGoogle Scholar

Babbie, E. R. (1990). Survey Research Methods, Wadsworth, Belmont, CA.
PublisherGoogle Scholar

Bandura, A. (1986). Social Foundations of Thought and Action: A Social Cognitive Theory, Prentice-Hall, Inc.
PublisherGoogle Scholar

Banerjee, D., Cronan, T. P. & Jones, T. W. (1998). “Modeling IT Ethics: A Study in Situational Ethics,” MIS Quarterly, 22 (1), 31-60.
PublisherGoogle Scholar

Basu, V., Hartono, E., Lederer, A. L. & Sethi, V. (2002). “The Impact of Organizational Commitment, Senior Management Involvement, and Team Involvement on Strategic Information Systems Planning,” Information & Management, 39 (6), 513-524.
PublisherGoogle Scholar

Blau, G. (1999). “Early-Career Job Factors Influencing the Professional Commitment of Medical Technologists,” The Academy of Management Journal, 42 (6), 687-695.
PublisherGoogle Scholar

Blau, G. J. (1985). “The Measurement and Prediction of Career Commitment,” Journal of Occupational Psychology, 58 (4), 277-288.
PublisherGoogle Scholar

Bradley, R. V. & Pratt, R. M. E. (2011). “Exploring the Relationships among Corporate Entrepreneurship, IT Governance, and Risk Management,” System Sciences (HICSS), 2011 44th Hawaii International Conference on, 1-10.
PublisherGoogle Scholar

Bryant, S. E., Moshavi, D. & Nguyen, T. V. (2007). “A Field Study on Organizational Commitment, Professional Commitment and Peer Mentoring,” SIGMIS Database, 38 (2), 61-74.
PublisherGoogle Scholar

Chin, W. W. (1998). “Issues and Opinion on Structural Equation Modeling,” MIS Quarterly, 22 (1), 7-16.
PublisherGoogle Scholar

Chin, W. W. (2010). “How to Write up and Report Pls Analyses,” Handbook of Partial Least Squares: Concepts, Methods and Application, Esposito Vinzi, V., Chin, W. W., Henseler, J. and Wang, H. (eds.), Springer, New York.
PublisherGoogle Scholar

Chin, W. W., Gopal, A. & Salisbury, W. D. (1997). “Advancing the Theory of Adaptive Structuration: The Development of a Scale to Measure Faithfulness of Appropriation,” Information Systems Research, 8 (4), 342-367.
PublisherGoogle Scholar

Chin, W. W., Marcolin, B. L. & Newsted, P. R. (2003). “A Partial Least Squares Latent Variable Modeling Approach for Measuring Interaction Effects: Results from a Monte Carlo Simulation Study and an Electronic-Mail Emotion/Adoption Study,” Information Systems Research, 14 (2), 189-217.
PublisherGoogle Scholar

Compeau, D. R. & Higgins, C. A. (1995). “Computer Self-Efficacy: Development of a Measure and Initial Test,” MIS Quarterly, 19 (2), 189-211.
PublisherGoogle Scholar

Dixon, M. (2002). ‘Information Technology Practitioner Skills in Europe,’ Frankfurt: Council of European Professional Informatics Societies.
Google Scholar

Endsley, M. R. (1995). “Measurement of Situation Awareness in Dynamic Systems,” Human Factors: The Journal of the Human Factors and Ergonomics Society, 37 (1), 65-84.
PublisherGoogle Scholar

Endsley, M. R. (2001). “Designing for Situation Awareness in Complex Systems,” Proceedings of the Second International Workshop on symbiosis of humans, artifacts and environment.
PublisherGoogle Scholar

Feltus, C., Petit, M. & Dubois, E. (2009). “Strengthening Employee’s Responsibility to Enhance Governance of IT: Cobit RACI Chart Case Study,” Proceedings of the first ACM workshop on Information security governance, 23-32.
PublisherGoogle Scholar

Fornell, C. & Larcker, D. F. (1981). “Evaluating Structural Equation Models with Unobservable Variables and Measurement Error,” Journal of Marketing Research, 18 (1), 39-50.
PublisherGoogle Scholar

Gefen, D., Straub, D. & Boudreau, M. C. (2000). “Structural Equation Modeling and Regression: Guidelines for Research Practice,” Communications of the Association for Information Systems, 4 (7), 1-80.
PublisherGoogle Scholar

Grembergen, W. V. (2002). “Introduction to the Minitrack IT Governance and its Mechanisms,” Proceedings of the 35th Hawaii International Conference on System Sciences (HICSS), 7-10.
PublisherGoogle Scholar

Haes, S. D. & Grembergen, W. V. (2009). “An Exploratory Study into IT Governance Implementations and its Impact on Business/IT Alignment,” Information Systems Management, 26 (2), 123-137.
PublisherGoogle Scholar

Henderson, J. C. & Venkatraman, N. (1993). “Strategic Alignment: Leveraging Information Technology for Transforming Organizations,” IBM Systems Journal, 32 (1).
PublisherGoogle Scholar

ISACA (2012). ISACA 2012 IT Risk Reward Barometer Survey Results.
Publisher

ISO/IEC (2008). ISO/IEC 38500:2008 Corporate Governance of Information Technology, International Organization for Standardization/International Electrotechnical Commission.
Publisher

ITGI (2003). “Board Briefing on IT Governance,” IT Governance Institute, IL.
Publisher

Kakabadse, N. K. & Kakabadse, A. (2001). “IS/IT Governance: Need for an Integrated Model,” Corporate Governance:The International Journal of Effective Board Performance, 1 (4), 9-11.
PublisherGoogle Scholar

Le Deist, F. D. & Winterton, J. (2005). “What is Competence?,” Human Resource Development International, 8 (1), 27-46.
PublisherGoogle Scholar

Lee, M.- B., Suh, K.- S. & Whang, J. (2003). “The Impact of Situation Awareness Information on Consumer Attitudes in the Internet Shopping Mall,” Electronic Commerce Research and Applications, 2 (3), 254-265.
PublisherGoogle Scholar

Leonard, L. N. K., Cronan, T. P. & Kreie, J. (2004). “What Influences IT Ethical Behavior Intentions–Planned Behavior, Reasoned Action, Perceived Importance, or Individual Characteristics?,” Information & Management, 42 (1), 143-158.
PublisherGoogle Scholar

Lin, Y, Arshad, N. H., Haron, H., Bee, Y., Yusoff, M. & Mohamed, A.  (2010). “IT Governance Awareness and Practices: An Insight from Malaysian Senior Management Perspective,” Journal of Business Systems, Governance and Ethics, 5 (1), 43-57.
PublisherGoogle Scholar

Loh, L. & Venkatraman, N. (1992). “Diffusion of Information Technology Outsourcing: Influence Sources and the Kodak Effect,” Information Systems Research, 3 (4), 334-358.
PublisherGoogle Scholar

Lohmöller, J.- B. (1989). Latent Variables Path Modeling with Partial Least Squares, Physica-Verlag, Heildelberg.
Publisher

Luftman, J. (2003). “Assessing IT/Business Alignment,” Information Systems Management, 20 (4), 9-15.
PublisherGoogle Scholar

Marcoulides, G. A., Chin, W. W. & Saunders, C. (2009). “A Critical Look at Partial Least Squares Modeling,” MIS Quarterly, 33 (1), 171-175.
PublisherGoogle Scholar

Meyer, J. P. & Allen, N. J. (1991). “A Three-Component Conceptualization of Organizational Commitment,” Human Resources Management Review, 1 (1), 61-89.
PublisherGoogle Scholar

Meyer, J. P. & Herscovitch, L. (2001). “Commitment in the Workplace: Toward a General Model,” Human Resource Management Review, 11 (3), 299-326.
PublisherGoogle Scholar

Mills, P. K. & Moshavi, D. (1999). “Professional Concern: Managing Knowledge-Based Service Relationships,” International Journal of Service Industry Management, 10, 48-67.
PublisherGoogle Scholar

Mowday, R. T., Porter, L. W. & Steers, R. M. (1982). Employee-Organization Linkages: The Psychology of Commitment, Absenteeism, and Turnover, Academic Press, San Diego, CA.
PublisherGoogle Scholar

National Computing Centre (2005). “IT Governance: Developing a Successful Governance Strategy – A Best Practice Guide for Decision Makers in IT,” National Computing Centre, Manchester.
Publisher

O’Reilly, C. A. & Chatman, J. (1986). “Organizational Commitment and Psychological Attachment: The Effects of Compliance, Identification and Internalization of Prosocial Behavior,” Journal of Applied Psychology, 71, 492-499.
PublisherGoogle Scholar

Oz, E. (2001). “Organizational Commitment and Ethical Behavior: An Empirical Study of Information System Professionals,” Journal of Business Ethics, 34 (2), 137-142.
PublisherGoogle Scholar

Podsakoff, P. M., MacKenzie, S. B., Lee, J.- Y. & Podsakoff, N. P. (2003). “Common Method Biases in Behavioral Research: A Critical Review of the Literature and Recommended Remedies,” Journal of Applied Psychology, 88 (5), 879.
PublisherGoogle Scholar

Rai, P. (2012). “Matching up the Gap between Perceived Importance and Knowledge for IT Skills among Australian Accountants,” 0, 3632-3640.
PublisherGoogle Scholar

Ringle, C. M., Wende, S. & Will, A. (2005). ‘SmartPLS. 2.0 (beta),’ ed. Hamburg, Germany: SmartPLS.
Google Scholar

Robertson, C. J., Crittenden, W. F., Brady, M. K. & Hoffman, J. J. (2002). “Situational Ethics across Borders: A Multicultural Examination,” Journal of Business Ethics, 38 (4), 327-338.
PublisherGoogle Scholar

Robin, D. P., Reidenbach, R. E. & Forrest, P. J. (1996). “The Perceived Importance of an Ethical Issue as an Influence on the Ethical Decision-Making of Ad Managers,” Journal of Business Research, 35 (1), 17-28.
PublisherGoogle Scholar

Sohal, A. S. & Fitzpatrick, P. (2002). “IT Governance and Management in Large Australian Organizations,” International Journal of Production Economics, 75 (1/2), 97-112.
PublisherGoogle Scholar

Weill, P. & Ross, J. (2005). “A Matrixed Approach to Designing IT Governance,” Sloan Management Review, 46 (2), 26-34.
Publisher

Weill, P. & Ross, J. W. (2004). IT Governance: How Top Performers Manage IT Decision Rights for Superior Results, Harvard Business School Press, Boston, MA.
PublisherGoogle Scholar

Willcocks, L., Feeny, D. & Olson, N. (2006). “Implementing Core IS Capabilities:: Feeny—Willcocks IT Governance and Management Framework Revisited,” European Management Journal, 24 (1), 28-37.
PublisherGoogle Scholar

Wold, H. (1982). ‘Soft Modelling, the Basic Design and Some Extensions. Systems under Indirect Observation: Causality-Structure-Prediction,’ Part ii., Wold, H. and Jöreskog, K.-G. (eds.), North-Holland Publishing Company, Amsterdam.