Ali and Green (2012) found that in the IT governance context, commitment is related to culture of compliance leading to effective IT governance. In studies of a related area, Chang et al., (2012), and Herath and Rao (2009), argue that employees with high organisational commitment are more likely to comply with information security policy. This is consistent with earlier study that employees with high organisational commitment are less likely to engage in non-productive and counterproductive behaviours that potentially result in negative consequences to their organisation’s IT systems (Stanton et al., 2003).
Past information systems research also found that IT practitioners may have close identification with their profession (Bryant et al., 2007, Scholarios and Marks, 2004). The Professional Commitment construct is defined as “one’s attitude towards one’s profession or vocation” (Blau, 1985, Blau, 1999).
Based on TPB, attitudes of IT practitioners are hypothesised to influence intention to participate in IT governance initiatives, and therefore influence the actual behaviour of participation.
H1: Attitudes of IT practitioners increases participation in IT governance initiatives.
Subjective Norms
Subjective norm is “the person’s perception that most people who are important to him think he should or should not perform the behaviour in question” (Fishbein and Ajzen, 1975). Past information systems research has shown that an individual’s behaviour is influenced by the norm as observed by the individual (Chan et al., 2005, Knapp et al., 2006, Johnston and Warkentin, 2010).
Although the issue of IT governance is complex, a general awareness of IT governance is important (Yap et al., 2010). Awareness of IT governance should be cascaded down from direction setters to decision-makers, and finally down to the execution level. In the recent ISACA survey of 843 IT professionals in the Asia Pacific region, increasing awareness among employees is rated as the most important action to improve IT risk management which is one objective of IT governance (ISACA, 2012c).
Subjective norms are normative beliefs together with the motivation to comply with referent group expectations. Perceived importance of IT governance to the IT practitioner influences to compliance to the expectations. The issue on hand influences judgment (Robertson et al., 2002, Al-Rafee and Cronan, 2006), and individuals who rated an issue high in perceived importance issue characteristics are less likely to behave against the norm (Leonard et al., 2004). Therefore, high perceived importance of IT governance is expected to result in positive behaviour in IT governance issues.
Learning and development is an important part of organisational culture (Bollinger and Smith, 2001). Kilic and Metin (2012), and Hefner (2003) conclude that learning and development is one of the most important and challenging issues for implementing and improving IT governance. The availability of learning and development opportunities in IT governance signals the organisation’s view that IT governance is important part of the IT organisational culture and therefore a component of subjective norm.
Subjective norms are characterised by awareness, perceived importance and learning and development opportunities in IT governance. Based on the TPB, subjective norms among IT practitioners are hypothesised to influence the actual behaviour of participation.
H2: Subjective norms among IT practitioners positively influence participation in IT governance initiatives.
Perceived Behavioural Controls
In TPB, Ajzen (1991) defines Perceived Behavioural Control as “the perceived ease or difficulty of performing the behaviour”. IT governance has become a core IT capability (Willcocks et al., 2006), and implementation of effective IT governance requires all IT team members to have adequate and appropriate skills to fulfil their specific role (National Computing Centre, 2005). Unfortunately, gap in sufficient competencies for effective IT governance still prevails (Al Omari et al., 2012). Being equipped with necessary competency allows the IT practitioner to participate effectively in IT governance initiatives.
The management could introduce order in the execution of IT governance initiatives by implementing necessary organisational structures and processes. Prior studies on organisation structures considered integration of governance/alignment tasks in roles and responsibilities, IT steering committees, IT strategy committees and architecture committee (Haes and Grembergen, 2009, Gallagher and Worrell, 2008, Haes and Grembergen, 2006, Nolan and McFarlan, 2005, Weill and Ross, 2004).
Organisational processes studied in prior research include service level agreements, portfolio management, IT governance frameworks, strategic information systems planning, balanced scorecard, and financial and chargeback arrangements (Haes and Grembergen, 2006, Grembergen et al., 2004, Weill and Ross, 2004, Grembergen, 2000). Having the necessary organisational structures and processes creates the environment where IT practitioners have access to the necessary support (or lack of barriers), resources and opportunities to participate in IT governance initiatives.
In the case of IT governance, the organisational goal of IT governance success are cascaded down to the individual in the form of personalised goals. IT goal setting is an integral part of IT strategic planning and IT governance (Haes and Grembergen, 2004, Grembergen et al., 2004, Simonsson and Johnson, 2006).
The main objective of reward system is to reward behaviours required by the company’s strategy (Hertel et al., 2005). The use of reward system in IT governance initiatives in IT governance has been researched by previous studies by Hefner (2003) and Haes et al., (2011). Reward system based on attainment of IT governance goals is a form of behavioural control.
This research is interested in investigating perceived behavioural control as a combination of internal and external factors. Therefore, based on (Ajzen, 2002), perceived behavioural control is a unitary latent variable in a hierarchical factor model aggregated from competency, organisational structures, processes goals and reward system towards IT governance. This leads to the final hypothesis.
H3: Perceived behavioural controls on IT practitioners result in greater participation in IT governance initiatives.
Participation in IT Governance Initiatives
The board of directors and executive management are responsible for IT governance (ITGI, 2003). Although accountability for IT governance cannot be delegated (ISO/IEC, 2008), participation of senior management from IT and business is crucial for effective IT governance (Huang et al., 2010, Haes and Grembergen, 2009, Weill and Ross, 2004). These initiatives are cascaded down to the execution level to achieve IT governance goals, hence, participation of IT practitioners in IT governance initiatives is also important.
Applying TPB to the context of this study, the IT practitioner’s participation in IT governance initiatives is determined by his/her intention to participate. Such intention is influenced by his/her attitudes toward the behaviour, subjective norms and perceived behavioural controls.
Since behavioural intention precedes the behaviour itself, inclusion of both constructs in the same model requires longitudinal study. Szajna (1994) suggests that self-reported measures of intention suffer from common-method bias, especially when intention is measured at the same time as its antecedents. Furthermore, measuring both as the same time yields intentions as a reflection of future behaviour. In contrast, reports of actual behaviour had happened in the past (George, 2004).
Given the cross-sectional design of this study, the dependent variable is a measure of the actual behaviour rather than behavioural intention. The research framework is shown in Figure 1 along with variable names.
However, Attitudes (β = -0.014, p > 0.05) are not significant predictors of participation in IT governance. Therefore hypothesis H1 is not supported.
Discussion
Results show that subjective norms and perceived behavioural controls on IT practitioners result in greater participation in IT governance initiatives. Both findings are consistent with the Theory of Planned Behaviour (TPB).
Surprisingly, attitudes do not have significant relationship with participation in IT governance initiatives, in contrast with prediction of TPB. Ajzen (1991) points out that when constraints are either extremely high or extremely low, attitudes do not predict behaviour very well.
Attitudes are a good predictor of behaviour when the constraints are minimal. This means that in the absence of organisational structures, processes, goal settings and reward system for IT governance, the IT practitioners’ participation in IT governance initiatives depend on their attitudes. This means, participation depends on their own organisational and professional commitment, with the condition that they are sufficiently competent in this area.
However, attitude is difficult to change, and it is easy to manipulate the other constraints. Competency leads to greater participation, and environment that promotes participation should be created. In addition, IT governance remains a topic requiring control over the behaviour of IT practitioners. This could be achieved using organisational structures, processes, goal settings, and reward system, to encourage desirable behaviour in IT governance initiatives.
Deeper analysis reveals that awareness and perceived importance of IT governance are the two most important factors from the practitioner perspective. Competency in IT governance is also a significant factor. As for management guidance, organisational processes and reward system are the most important, closely followed by organisational structure.
The three main constructs explain 57.7% of the variance in behaviour, that is, participation in IT governance initiatives. This value is superior to empirical studies in which only 40% of the variance of behaviour could be explained using TPB (Ajzen, 1991). The explained variance is also compared with a related study using the same theory (Bulgurcu et al., 2010), where the explained variance of intention security compliance was 34.5%.
Contribution
This research adds the IT practitioner perspective to the existing IT governance knowledge that mainly focuses on top management and the organisation. The research demonstrates that TPB could be used to study IT practitioners’ participation in IT governance initiatives. Within the context of the theory, the three main constructs of attitude, subjective norms, and perceived behavioural control are adapted to constructs relevant to IT governance. Actual behaviour is represented by participation in IT governance initiatives.
For managerial contributions, the findings from this research help the IT management to focus on the most important issues that will maximise participation of IT practitioners in IT governance initiatives.
Limitations and Suggestions for Future Research
Due to the nature of the population, where no register of IT practitioners was available, purposive sampling was used. Purposive sampling is a non-probability technique which limits generalisability. Further replication studies to assess applicability in other geographical locations within and outside of Malaysia will increase generalisability of the findings.
Finally, extensions of the proposed model could be considered. Suitability of the model proposed in the research could be assessed in small and medium enterprises to uncover specific requirements of such organisations.
Conclusion
This research investigated the people issues in IT governance using the Theory of Planned Behaviour. It examined the influence of IT practitioners and management guidance on the extent of their participation in IT governance initiatives. Based on data from IT practitioners in Malaysia, this research reaffirms that IT governance requires controls, in the form of organisational structures, processes, goal settings, and reward system to encourage desirable behaviours in IT governance initiatives.
(adsbygoogle = window.adsbygoogle || []).push({});
References
Ajzen, I. (1991), ‘The theory of planned behavior,‘ Organizational Behavior and Human Decision Processes, 50, 179-211.
Publisher
Ajzen, I. (2002), ‘Perceived behavioral control, self-efficacy, locus of control, and the theory of planned behavior,‘ Journal of Applied Social Psychology, 32 (4), 665-683.
Publisher – Google Scholar
Al-Rafee, S. and Cronan, T. P. (2006), ‘Digital piracy: Factors that influence attitude toward behavior,‘ Journal of Business Ethics, 63 (3), 237-259.
Publisher – Google Scholar
Al Omari, L., Barnes, P. H. and Pitman, G. (2012), An exploratory study into audit challenges in IT governance : A delphi approach. Symposium on IT Governance, Management and Audit (SIGMA2012). Universiti Tenaga Nasional, Malaysia.
Ali, S. and Green, P. (2012), ‘Effective information technology (IT) governance mechanisms: An IT outsourcing perspective,‘ Information Systems Frontiers, 14 (2), 179-193.
Publisher – Google Scholar
Allen, N. J. and Meyer, J. P. (1990), ‘The measurement and antecedents of affective, continuance, and normative commitment,‘ Journal of Occupational Psychology, 63, 1-18.
Publisher
Anderson, J. C. and Gerbing, D. W. (1988), ‘Structural equation modeling in practice: A review and recommended two-step approach,’ Psychological Bulletin, 103 (3), 411-423.
Publisher
Armstrong, J. S. and Overton, T. S. (1977), ‘Estimating nonresponse bias in mail surveys,‘ Journal of Marketing Research, 14, 396-402.
Publisher – Google Scholar
Ayat, M., Masrom, M. and Sahibuddin, S. (2011a), ‘IT governance and small medium enterprises’ Proceedings of International Conference on Software and Computer Applications (ICSCA 2011).
Ayat, M., Masrom, M., Sahibuddin, S. and Sharifi, M. (2011b), ‘Issues in implementing IT governance in small and medium enterprises’ Intelligent Systems, Modelling and Simulation (ISMS), 2011 Second International Conference on, 197-201.
Babbie, E. R. (2008), The basics of social research, Wadsworth Publishing Company.
Balocco, R., Ciappini, A. and Rangone, A. (2013), ‘ICT governance: A reference framework,‘ Information Systems Management, 30 (2), 150-167.
Publisher – Google Scholar
Blau, G. (1999), ‘Early-career job factors influencing the professional commitment of medical technologists,’ The Academy of Management Journal, 42 (6), 687-695.
Publisher – Google Scholar
Blau, G. J. (1985), ‘The measurement and prediction of career commitment,‘ Journal of Occupational Psychology, 58 (4), 277-288.
Publisher – Google Scholar
Bollinger, A. S. and Smith, R. D. (2001), ‘Managing organizational knowledge as a strategic asset,’ Journal of Knowledge Management, 5 (1), 8-18.
Publisher – Google Scholar
Brown, A. E. and Grant, G. G. (2005), ‘Framing the frameworks: A review of IT governance research,’ Communications of AIS, 2005 (15), 696-712.
Bryant, S. E., Moshavi, D. and Nguyen, T. V. (2007), ‘A field study on organizational commitment, professional commitment and peer mentoring,’ SIGMIS Database, 38 (2), 61-74.
Publisher – Google Scholar
Bulgurcu, B., Cavusoglu, H. and Benbasat, I. (2010), ‘Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness,’ MIS Quarterly, 34 (3), 523-548.
CEPIS Professionalism Taskforce (2010), ‘Promoting IT professionalism in Europe: CEPIS vision and action plan,’ The European Journal for the Informatics Professional, 11 (5), 6.
Chan, M., Woon, I. and Kankanhalli, A. (2005), ‘Perceptions of information security in the workplace: Linking information security climate to compliant behavior,’ Journal of information privacy and security, 1 (3), 18-41.
Chang, A.-T., Wu, C.-Y. and Liu, H.-W. (2012), ‘The effects of job satisfaction and organization commitment on information security policy adoption and compliance’ Management of Innovation and Technology (ICMIT), 2012 IEEE International Conference on, 442-446.
Chin, W. W. (1998), ‘Issues and opinion on structural equation modeling,’ MIS Quarterly, 22 (1), 7-16.
Chin, W. W. (2010), How to write up and report pls analyses. Handbook of partial least squares: Concepts, methods and application. Esposito Vinzi, V., Chin, W. W., Henseler, J. and Wang, H. (eds.), Springer, New York.
Chin, W. W., Marcolin, B. L. and Newsted, P. R. (2003), ‘A partial least squares latent variable modeling approach for measuring interaction effects: Results from a monte carlo simulation study and an electronic-mail emotion/adoption study,’ Information Systems Research, 14 (2), 189-217.
Publisher
Dillman, D. A. (2000), Mail and internet surveys: The tailored design method, John Wiley and Sons, Inc., New York.
Dixon, M. (2002), Information technology practitioner skills in Europe. Frankfurt: Council of European Professional Informatics Societies.
Evolven. (2013). A year in review: 7 major outages from 2012 [Online]. [Retrieved 24 May 2013] [Available: http://www.evolven.com/blog/7-major-outages-from-2012.html].
Fishbein, M. and Ajzen, I. (1975), Belief, attitude, intention and behavior: An introduction to theory and research, Addison-Wesley, Reading.
Fornell, C. and Larcker, D. F. (1981), ‘Evaluating structural equation models with unobservable variables and measurement error.,‘ Journal of Marketing Research, 18 (1), 39-50.
Publisher – Google Scholar
Gallagher, K. and Worrell, J. (2008), ‘Organizing IT to promote agility,‘ Information Technology and Management, 9 (1), 71-88.
Publisher – Google Scholar
Gefen, D., Straub, D. and Boudreau, M. C. (2000), ‘Structural equation modeling and regression: Guidelines for research practice,’ Communications of the Association for Information Systems, 4 (7), 1-80.
George, J. F. (2004), ‘The theory of planned behavior and internet purchasing,‘ Internet Research, 14 (3), 198 – 212.
Publisher – Google Scholar
Goles, T., Hawk, S. and Kaiser, K. M. (2008), ‘Information technology workforce skills: The software and IT services provider perspective,’ Information Systems Frontiers, 10 (2), 179-194.
Publisher – Google Scholar
Grembergen, W. V. (2000), ‘The balanced scorecard and IT governance.,’ Information Systems Control Journal, 2, 40-43.
Grembergen, W. V. (2002), ‘Introduction to the minitrack IT governance and its mechanisms‘ Proceedings of the 35th Hawaii International Conference on System Sciences (HICSS), 7-10.
Publisher
Grembergen, W. V., Haes, S. D. and Guldentops, E. (2004), Structures, processes and relational mechanisms for IT governance. Strategies for information technology governance. Van Grembergen, W. (ed.), Idea Group Publishing., Hershey, PA.
Haes, S. D., Gemke, D., Thorp, J. and Grembergen, W. V. (2011), ‘The evolution of KLM’s enterprise governance of IT,’ MIS Quarterly Executive, 10 (3).
Haes, S. D. and Grembergen, W. V. (2004), ‘IT governance and its mechanisms,’ Information Systems Control Journal, 1, 27-33.
Haes, S. D. and Grembergen, W. V. (2006), ‘Information technology governance best practices in Belgian organisations’ System Sciences, 2006. HICSS’06. Proceedings of the 39th Annual Hawaii International Conference on, 8, 195b-195b.
Haes, S. D. and Grembergen, W. V. (2008), ‘Practices in IT governance and business/IT alignment,’ Information Systems Control Journal, 2, 23-27.
Haes, S. D. and Grembergen, W. V. (2009), ‘An exploratory study into IT governance implementations and its impact on business/IT alignment,’ Information Systems Management, 26 (2), 123-137.
Publisher
Hair, J. F., Black, W. C., Babin, B. J. and Anderson, R. E. (2010), Multivariate data analysis: A global perspective, Pearson Education, Upper Saddle River, NJ.
Hale, J. L., Householder, B. J. and Greene, K. L. (2003), The theory of reasoned action. The persuasion handbook: Developments in theory and practice, Dillard, J. P. and Pfau, M. (eds.), Sage, Thousand Oaks, CA.
Hefner, R. (2003), ‘Aligning strategies: Organizational, project, individual [IT governance]’ System Sciences, 2003. Proceedings of the 36th Annual Hawaii International Conference on, 9 pp.
Herath, T. and Rao, H. R. (2009), ‘Protection motivation and deterrence: A framework for security policy compliance in organisations,’ Eur J Inf Syst, 18 (2), 106-125.
Publisher – Google Scholar
Hertel, G., Geister, S. and Konradt, U. (2005), ‘Managing virtual teams: A review of current empirical research,‘ Human Resource Management Review, 15 (1), 69-95.
Publisher – Google Scholar
Huang, R., Zmud, R. W. and Price, R. L. (2010), ‘Influencing the effectiveness of IT governance practices through steering committees and communication policies,’ Eur J Inf Syst, 19 (3), 288-302.
Publisher – Google Scholar
Ifinedo, P. (2012), ‘Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory,‘ Computers & Security, 31 (1), 83-95.
Publisher – Google Scholar
ISACA (2011), Global status report on the governance of enterprise IT (GEIT) – 2011.
ISACA (2012a), 2012 governance of enterprise IT (GEIT) survey – Global edition.
ISACA (2012b), COBIT 5: A business framework for the governance and management of enterprise IT, ISACA, Rolling Meadows, IL.
ISACA (2012c), Isaca 2012 IT risk reward barometer survey results.
Ismail, N. A. (2008), ‘Information technology governance, funding and structure: A case analysis of a public university in Malaysia,’ Campus-Wide Information Systems, 25 (3), 145-160.
Publisher – Google Scholar
Ismail, N. A., Raja Mohd. Ali, R. H., Mat Saat, R. and Mohamad Hsbollah, H. (2007a), ‘Strategic information systems planning in Malaysian public universities,‘ Campus-Wide Information Systems, 24 (5), 331-41.
Publisher – Google Scholar
Ismail, S., Alias, R. A., Ibrahim, O. and Abdul Rahman, A. (2007b), An integrated framework for IT governance in the Malaysian Ministry of Education. Postgraduate Annual Research Seminar (PARS ’07). UTM, Malaysia.
ISO/IEC (2008), ISO/IEC 38500:2008 Corporate governance of information technology. International Organization for Standardization/International Electrotechnical Commission.
ITGI (2003), Board briefing on IT governance, IT Governance Institute, IL.
Johnston, A. C. and Warkentin, M. (2010), ‘Fear appeals and information security behaviors: An empirical study,’ MIS Quarterly, 34 (3), 549.
Kaur, J., Mohamed, N. and Ahlan, A. R. (2011), ‘A confirmatory factor analysis of the information technology governance effectiveness: Evidence from Malaysia’ Research and Innovation in Information Systems (ICRIIS), 2011 International Conference on, 23-24 Nov 2011, 1-5.
Kilic, N. and Metin, B. (2012), ‘Importance of education in information technology governance’ Logistics and Industrial Informatics (LINDI), 2012 4th IEEE International Symposium on, 65-68.
Knapp, K. J., Marshall, T. E., Rainer, R. K. and Ford, F. N. (2006), ‘Information security: Management’s effect on culture and policy,‘ Information Management & Computer Security, 14 (1), 24-36.
Publisher – Google Scholar
Korac-Kakabadse, N. and Kakabadse, A. (2001), ‘IS/IT governance: Need for an integrated model,’ Corporate Governance, 1 (4), 9-11.
Publisher – Google Scholar
Leonard, L. N. K., Cronan, T. P. and Kreie, J. (2004), ‘What influences IT ethical behavior intentions—planned behavior, reasoned action, perceived importance, or individual characteristics?,‘ Information & Management, 42 (1), 143-158.
Publisher – Google Scholar
Lohmöller, J.-B. (1989), Latent variables path modeling with partial least squares, Physica-Verlag, Heildelberg.
Publisher
Maidin, S. S. and Arshad, N. H. (2010), ‘Information technology governance practices in Malaysian public sector‘ 2010 International Conference on Financial Theory and Engineering (ICFTE), 281-285.
Publisher – Google Scholar
Mansur, A. (2010), ‘Measuring IT governance effectiveness using ITG diagnostic diamond: A case study of information technology division, IIUM’ Information and Communication Technology for the Muslim World (ICT4M), 2010 International Conference on, C-1-C-6.
Marcoulides, G. A., Chin, W. W. and Saunders, C. (2009), ‘A critical look at partial least squares modeling,’ MIS Quarterly, 33 (1), 171-175.
McKinsey. (2012). Delivering large-scale IT projects on time, on budget, and on value [Online]. [Retrieved 31 Oct 2012] [Available: http://www.mckinsey.com/insights/business_technology/
delivering_large-scale_it_projects_on_time_on_budget_and_on_value].
Meyer, J. P. and Allen, N. J. (1991), ‘A three-component conceptualization of organizational commitment,‘ Human Resources Management Review, 1 (1), 61-89.
Publisher – Google Scholar
Mohamed, N. and Gian Singh, J. K. (2012), ‘A conceptual framework for information technology governance effectiveness in private organizations,’ Information Management & Computer Security, 20 (2), 88-106.
Monnoyer, E. and Willmott, P. (2005), ‘What IT leaders do: Companies that rely on IT governance systems alone will come up short,’ McKinsey Quarterly on IT, 2-6.
Mowday, R. T. (1998), ‘Reflections on the study and relevance of organizational commitment,‘ Human Resource Management Review, 8 (4), 387-401.
Publisher – Google Scholar
Mowday, R. T., Porter, L. W. and Steers, R. M. (1982), Employee-organization linkages: The psychology of commitment, absenteeism, and turnover, Academic Press, San Diego, CA.
National Computing Centre (2005), IT governance: Developing a successful governance strategy – a best practice guide for decision makers in IT, National Computing Centre, Manchester.
Nolan, R. and McFarlan, F. W. (2005), ‘Information technology and the board of directors,’ Harvard Business Review, 83 (10), 96-106.
Othman, M. F. I. and Chan, T. (2013), ‘Barriers to formal IT governance practice–insights from a qualitative study’ System Sciences (HICSS), 2013 46th Hawaii International Conference on, 4415-4424.
Othman, M. F. I., Chan, T., Foo, E., Nelson, K. J. and Timbrell, G. T. (2011), Barriers to information technology governance adoption : A preliminary empirical investigation. In: Soliman, K. S. (ed.) Proceedings of 15th International Business Information Management Association Conference.
Peterson, R. (2004), ‘Crafting information technology governance,‘ Information Systems Management, 21 (4), 7-22.
Publisher – Google Scholar
Podsakoff, P. M., MacKenzie, S. B., Lee, J. Y. and Podsakoff, N. P. (2003), ‘Common method biases in behavioral research: A critical review of the literature and recommended remedies,‘ Journal of Applied Psychology, 88 (5), 879.
PwC (2012), Information security breaches survey – Technical report.
Publisher – Google Scholar
Ringle, C. M., Wende, S. and Will, A. (2005), SmartPLS. 2.0 (beta) ed. Hamburg, Germany: SmartPLS.
Robertson, C. J., Crittenden, W. F., Brady, M. K. and Hoffman, J. J. (2002), ‘Situational ethics across borders: A multicultural examination,‘ Journal of Business Ethics, 38 (4), 327-338.
Publisher – Google Scholar
Scholarios, D. and Marks, A. (2004), ‘Work-life balance and the software worker,‘ Human Resource Management Journal, 14 (2), 54-74.
Publisher – Google Scholar
Simonsson, M. and Johnson, P. (2006), ‘Assessment of IT governance-A prioritization of Cobit’ Proceedings of the Conference on Systems Engineering Research, 1-10.
Stanton, J. M., Stam, K. R., Guzman, I. and Caledra, C. (2003), ‘Examining the linkage between organizational commitment and information security’ Systems, Man and Cybernetics, 2003. IEEE International Conference on, 3, 2501-2506.
Szajna, B. (1994), ‘Research note,’ MIS Quarterly, 18 (3), 319-324.
Publisher
Tan, K. S., Eze, U. C. and Teo, W. L. (2008), ‘Information technology governance in the Malaysian electronics manufacturing industry,’ Communications of the IBIMA, 3, 138-144.
Tan, K. S., Teo, W. L. and Lai, K. P. (2009), ‘The applicability of information technology governance in the Malaysian SMEs’ Proceeding of 12th International Business Information Management Conference.
Tan, K. S., Teo, W. L. and Lai, K. P. (2011), ‘The applicability of information technology governance in the Malaysian SMEs,’ Journal of Innovation Management in Small and Medium Enterprises, 2011, 1-10.
Publisher
Teo, W. L. and Tan, K. S. (2010), Adoption of information technology governance in the electronics manufacturing sector in Malaysia. Enterprise IT governance, business value and performance measurement. Shi, N. S. and Silvius, G. (eds.), IGI Global, Hershey, PA.
Webb, P., Pollard, C. and Ridley, G. (2006), ‘Attempting to define IT governance: Wisdom or folly?’ System Sciences, 2006. HICSS’06. Proceedings of the 39th Annual Hawaii International Conference on, 8, 194a-194a.
Weill, P. and Ross, J. W. (2004), IT governance: How top performers manage IT decision rights for superior results, Harvard Business School Press, Boston, MA.
Willcocks, L., Feeny, D. and Olson, N. (2006), ‘Implementing core IS capabilities:: Feeny–Willcocks IT governance and management framework revisited,‘ European Management Journal, 24 (1), 28-37.
Publisher – Google Scholar
Wold, H. (1982), Soft modelling, the basic design and some extensions. Systems under indirect observation: Causality-structure-prediction. Part ii. Wold, H. and Jöreskog, K.-G. (eds.), North-Holland Publishing Company, Amsterdam.
Yap, M. L., Noor Habibah, A., Halilah, H., Yap, B. W., Muhammad, Y. and Azlinah, M. (2010), ‘IT governance awareness and practices: An insight from Malaysian senior management perspective,’ Journal of Business Systems, Governance and Ethics, 5 (1), 43-57.