In this study we evaluate ISO/IEC 38500:2008, the Corporate Governance of Information Technology standard, as a design artefact in the context of development and deployment of a large IT system in a public/private-sector context. The findings show that ISO/IEC 38500:2008 has merit as an analytical framework, providing a good basis upon which to objectively evaluate the corporate governance of IT. Further, the study identified specific areas where the standard could be enhanced to take better account of the IT governance requirements of inter-organisational IT systems in public/private-sector contexts. For example, the standard does not adequately address possible agency effects in inter-organisational contexts, the kinds of relational mechanisms that might be needed, or ways to govern the negotiation of diverse and sometimes conflicting stakeholder world views. We conclude by proposing an IT governance model illustrating the need for balance between principle-based and procedure-based approaches for different levels of IT governance.



To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.