Information technology governance: Lessons learned from the Covid-19 crisis
List of Authors
  • Abdellah Aajly , Manal Ahdadou , Mohamed Tahrouch

Keyword
  • Information Technology, IT Governance, Covid-19, board of directors

Abstract
  • IT governance focuses on how to align Information Technology with the organization's goals and strategy so that the organization can deliver value from IT. During the Covid-19 crisis, many lessons and insights for ITG have come to light. As the new reality imposed by the ongoing pandemic forced businesses to continuously adopt new technologies, it has also highlighted their need for a stronger IT Governance framework to face the uncertainties and the risks that go hand in hand with IT. This paper aims to reflect on Covid-19 implications for IT Governance. Lessons learned from this crisis can help us envision and adopt an improved Information Technology Governance approach that is even more resilient to deal with future disruptions.

Reference
  • 1. Abu-Musa, A. (2007). Exploring Information Technology Governance (ITG) in Developing Countries: An Empirical Study. The International Journal of Digital Accounting Research, Vol. 7, N. 13-14, pp. 71-120

    2. Ako-Nai, A., & Singh, A. (2019). Information technology governance framework for improving organisational performance. SA Journal of Information Management. 21. 10.4102/sajim.v21i1.1010.

    3. Barrera, S.M.B., Yoon, H., Kim, K. & Hwang, J. (2018). IT Governance Effectiveness and Its Influence on Innovation Product and Process. 2018 Portland International Conference on Management of Engineering and Technology (PICMET). doi: 10.23919/PICMET.2018.8481752

    4. Beachboard, J.C., Probst,J. & Aytes, K. (2010). IT Governance and IT Management: Is there a difference that makes a difference? InSITE 2010: Informing Science + IT Education Conference. doi:10.28945/1234

    5. Broadbent M. & Weill P. (1998). Leveraging the new infrastructure – How market leaders capitalize on Information Technology. Academy of Management Perspectives, 12(4), 137-138

    6. Callahan J. & Keyes D. (2003). The evolution of IT Governance at NB Power. IN W. Van Grembergen (Ed.), Strategies for Information Technology Governance. Idea Group Publishing

    7. De Haes,S. & Van Grembergen,W. (2006) Information Technology Governance Best Practices in Belgian Organizations, System Sciences. Available at: https://www.researchgate.net/publication/4216402_Information_Technology_Governance_Best_Practices_in_Belgian_Organisations

    8. De Haes,S. & Van Grembergen,W. (2015). Enterprise Governance of Information Technology : Achieving Alignement and Value Futuring COBIT5 2nd Edition, Springer.

    9. Deloitte (2020). The Board’s role in the COVID-19 crisis. Available at: https://www2.deloitte.com/content/dam/Deloitte/za/Documents/about-deloitte/za-The-Boards-role-in-the-COVID-19-crisis.pdf

    10. Deloitte (2021). Impact of COVID-19 on Cybersecurity. Available at: https://www2.deloitte.com/ch/en/pages/risk/articles/impact-covid-cybersecurity.html

    11. Flaxman, S., Mishra, S., Gandy, A., Unwin, H. J. T., Mellan, T. A., Coupland, H., Whittaker, C., Zhu, H., Berah, T., Eaton, J. W., Monod, M., Perez-Guzman, P. N., Schmit, N., Cilloni, L., Ainslie, K. E. C., Baguelin, M., Boonyasiri, A., Boyd, O., Cattarino, L., … Imperial College COVID-19 Response Team. (2020). Estimating the effects of non-pharmaceutical interventions on COVID-19 in Europe. Nature, 584(7820), 257‑261. https://doi.org/10.1038/s41586-020-2405-7

    12. Fukuyama, F. (2016). Governance : What Do We Know, and How Do We Know It? Annual Review of Political Science, 19(1), 89‑105. https://doi.org/10.1146/annurev-polisci-042214-044240

    13. Gartner (2020, 30 September). Gartner Says 69% of Boards of Directors Accelerated Their Digital Business Initiatives Following COVID-19 Disruption. Gartner. https://www.gartner.com/en/newsroom/press-releases/2020-09-30-gartner-says-sixty-nine-percent-of-boards-of-directors-accelerated-their-digital-business-initiatives-folloing-covid-19-disruptions

    14. Hsiang, S., Allen, D., Annan-Phan, S. et al. The effect of large-scale anti-contagion policies on the COVID-19 pandemic. (2020). Nature. 584, pp: 262–267 https://doi.org/10.1038/s41586-020-2404-8

    15. IDB (2020, 20 April). Corporate Governance: COVID-19 and the Board of Directors. IDB Invest. https://www.idbinvest.org/en/publications/corporate-governance-covid-19-and-board-directors

    16. IIA (2010). Auditing It Governance. IPPF: International Professional Practices Framework. Accessed on 25/11/2021. Available: https://www.iia.nl/SiteFiles/GTAG%2017%20Auditing%20IT%20Governance.pdf

    17. ISACA ( 2020a, 7 December). The Role of IT Governance in Addressing Pandemic-Related Cyberrisk. https://sf-sit.isaca.org/resources/news-and-trends/industry-news/2020/the-role-of-it-governance-in-addressing-pandemic-related-cyberrisk

    18. ISACA (2020b, 16 December). The Role of IT Governance During COVID-19 and Beyond: Keeping the Momentum. https://www.isaca.org/resources/isaca-journal/issues/2020/volume-6/the-role-of-it-governance-during-covid-19-and-beyond-keeping-the-momentum

    19. ISACA (2020c, 12 August). IT Governance and the COVID-19 Pandemic. https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2020/it-governance-and-the-covid19-pandemic

    20. ITGI (2005a). Board Briefing on IT Governance, Information Technology Governance Institute. http://www.itgi.org/.

    21. ITGI (2005b). Governance of the Extended Organization, Bridging Business and IT Strategies, Hoboken, NJ: John Wiley &Sons.

    22. Javaid, M. & Haleem,A. (2019). Industry 4.0 applications in medical field: a brief review. Current Medicine Research and Practice, pp: 102–109, https://doi.org/10.1016/j.cmrp.2019.04.001

    23. Jump in cyber attacks during Covid-19 confinement: The number of cyber attacks reported in Switzerland during the height of the Covid-19 pandemic was up to three times higher than normal.. June 7, 2020. Swissinfo.ch from https://www.swissinfo.ch/eng/jump-in-cyber-attacks-during-covid-19-confinement/45818794

    24. Kappelman, L., Johnson, V., McLean, E., & Maurer, C. (2018). The 2017 SIM IT Issues and Trends Study, MISQ Exec, 17 (1), pp.53-88.

    25. Kumar, M. S., Raut, D., Narwane, D., & Narkhede, D. (2020). Applications of industry 4.0 to overcome the COVID-19 operational challenges. Diabetes & metabolic syndrome, 14(5), 1283–1289. https://doi.org/10.1016/j.dsx.2020.07.010

    26. Kumar, S., & Rao, P. (2021). Challenges are thrown in Corporate Governance during COVID 19. Academia Letters, Article 2949. https://doi.org/10.20935/AL2949

    27. Lallie, H. S., Shepherd, L. A., Nurse, J. R. C., Erola, A., Epiphaniou, G., Maple, C., & Bellekens, X. (2021). Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers & Security, 105, 102248. doi:10.1016/j.cose.2021.102248

    28. Levstek, A., Pucihar, A. & Hovelja, T. (2022). Towards an Adaptive Strategic IT Governance Model for SMEs. Journal of Theoretical and Applied Electronic Commerce Research, Vol 17, No 1, pp. 230-252.

    29. Luftman, J. (2000). Assessing Business-IT Alignment Maturity. Communications of the Association for Information Systems, 4, pp-pp. https://doi.org/10.17705/1CAIS.00414

    30. Luftman, J. (2015). Strategic Alignment Maturity. Handbook on Business Process Management 2. Springer.

    31. Lunardi, G.L., Macada, A.C.G., Becker, J.L. & Van Grembergen, W. (2017). Antecedents of IT governance effectiveness: An empiricalexamination in Brazilian firms. Journal of Information Systems.Vol. 31 No 1, pp. 41–57.

    32. Mather, P. (2020). Leadership and governance in a crisis: some reflections on COVID-19. Journal of Accounting & Organizational Change, Vol. 16 No. 4, pp. 579-585. https://doi.org/10.1108/JAOC-08-2020-0123

    33. O’Leary, D. E. (2020). Evolving Information Systems and Technology Research Issues for COVID-19 and Other Pandemics. Journal of Organizational Computing and Electronic Commerce, 30(1), 1‑8. https://doi.org/10.1080/10919392.2020.1755790

    34. Randles Brett (27 May 2021). US Colonial Pipeline Attack - Consequences for the Security of Critical Infrastructure in Europe. Dac Beachcroft. https://www.dacbeachcroft.com/en/gb/articles/2021/may/us-colonial-pipeline-attack-consequences-for-the-security-of-critical-infrastructure-in-europe/

    35. Sibanda, Mabutho & Ramrathan, Durrel. (2017). Influence of Information Technology on Organization Strategy. Foundations of Management. 9. 10.1515/fman-2017-0015.

    36. SIM (2019). Issues, Investments, Concerns, & Practices of Organizations and their IT Executives, Comprehensive Report: Results and Observations from the SIM IT Trends Study. Society for Information Management. Available at: https://trends.simnet.org/trends-study-archive

    37. SIM (2020), Issues, Investments, Concerns, & Practices of Organizations and their IT Executives, 2019 Comprehensive Report: Results and Observations from the SIM IT Trends Study. Society for Information Management. Available at: https://trends.simnet.org/trends-study-archive

    38. Spear, R., Erdi, G., Parker, M. & Anastasiadis, M. (2020). Innovations in Citizen Response to Crises: Volunteerism & Social Mobilization During COVID-19. 12. Interface. https://www.researchgate.net/publication/341607275_Innovations_in_Citizen_Response_to_Crises_Volunteerism_Social_Mobilization_During_COVID-19

    39. Turel, O., Liu, P. & Bart, C. (2017). Board-level information technology governance effects on organizational performance: The roles ofstrategic alignment and authoritarian governance style. Information Systems Management. Vol 34 No 2, pp. 117–136.

    40. Vijayan, J. (10 May 2010). Heartland breach expenses pegged at $140M -- so far. Computerworld, Inc. https://www.computerworld.com/article/2518328/heartland-breach-expenses-pegged-at--140m----so-far.html

    41. Weill, P & Woodham R. (2002). Don’t Just Lead, Govern: Implementing Effective IT Governance. CISR, WP no. 326.

    42. Weill, P. & Ross J. (2004). IT Governance: How Top Performers Manage IT Decision Rights for Superior Results. Harvard Business School Press.

    43. Weill, P. (2004). Don't just lead, govern: How top-performing firms govern IT. MIS Quarterly Executive, Vol 3 N°1, pp.1-17.

    44. Whitler, K. A. & Farris, P. (2017). The Impact of Cyber Attacks On Brand Image: Why Proactive Marketing Expertise Is Needed for Managing Data Breaches. Journal of Advertising Research. 57(1):3-9.

    45. WHO (2020, 31 January). 2019-nCoV Outbreak Is an Emergency of International Concern. World Health Organization. www.euro.who.int/en/health-topics/healthemergencies/international-health-regulations/news/news/2020/2/2019-ncov-outbreak-is-anemergency-of-international-concern

    46. WHO (2021, 26 November). Coronavirus Disease (COVID-2019) Dashboard. World Health Organization. https://covid19.who.int/

    47. Young, Raymond & Jordan, Ernest. (2002). IT Governance and Risk Management: an integrated multi-stakeholder framework.

    48. Zimmerling, A., & Chen, X. (2021). Innovation and possible long-term impact driven by COVID-19: Manufacturing, personal protective equipment and digital technologies. Technology in Society, 65, 101541. doi:10.1016/j.techsoc.2021.101541