Communications of the Association for Information Systems


With the passage of the Sarbanes-Oxley Act in the United States in 2002, and an ever-increasing corporate focus on ensuring prudent returns on technology investments, the notion of IT governance became a major issue for both business practitioners and academics. Although the term "IT governance" is a relatively new addition to the syntax of academic research, significant previous work is reported on IT decisions rights and IT loci of control, notions that are synonymous with the current understanding of IT governance. This paper presents a literature review for existing research in IT governance. A framework, named the Conceptual Framework For IT Governance Research is proposed to provide a logical structure for existing research results. Using this framework, we classify the previous literature on governance into two separate streams that follow parallel paths of advancement. A popular contemporary notion of IT governance is then presented, together with the argument that this new notion, by implicitly extending both streams of research, represents an initial amalgamation of the two paths of literature. We conclude that even with the consideration of contemporary structures, academicians and practitioners alike continue to explore the concept of IT governance in an attempt to find appropriate mechanisms to govern corporate IT decisions.