An analysis of cobit 5 as a framework for the implementation of it governance with reference to King III

L. Maseko, B. Marx

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)

Abstract

Owing to the complexity and general lack of understanding of information technology (“IT”), the management of IT is often treated as a separately managed value-providing asset. This has resulted in IT rarely receiving the necessary attention of the board, thus creating a disconnect between the board and IT. The King Code of Governance for South Africa 2009 (hereafter referred to as “King III”) provides principles and recommended practices for effective IT governance in order to create a greater awareness at board level. King III, however, provides no detailed guidance with regard to the practical implementation of these principles and practices. It is worth noting that numerous international guidelines are recommended within King III that can be adopted as frameworks to assist in the effective implementation of IT governance. COBIT 5 provides, as part of its governance process practices, related guidance activities linking it to the seven IT governance principles of King III, thus making it a practical framework for the implementation of King III recommendations. This study sought to establish the extent to which the governance processes, practices and activities of COBIT 5 are mapped to the recommended practices of IT governance as highlighted in King III in order to resolve COBIT 5 as the de facto framework for IT governance in terms of King III. The study found that though King III principles and practices may be interpreted as vague with regard to how to implement IT governance principles, COBIT 5 succeeds in bridging the gap between control requirements, technical issues, information systems and business risk, which consequently results in a better facilitation of IT governance. The study also revealed that COBIT 5 contains additional activities to assist the board in more transparent reporting of IT performance and conformance management to stakeholders as well activities which enable the connection of resource management with human resources and financial planning.

Original languageEnglish
Pages (from-to)20-34
Number of pages15
JournalRisk Governance and Control: Financial Markets and Institutions
Volume6
Issue number1
DOIs
Publication statusPublished - 1 Dec 2016

Keywords

  • Board
  • COBIT 5
  • Governance activities
  • IT governance
  • King III

ASJC Scopus subject areas

  • Finance
  • Economics and Econometrics
  • Strategy and Management

Fingerprint

Dive into the research topics of 'An analysis of cobit 5 as a framework for the implementation of it governance with reference to King III'. Together they form a unique fingerprint.

Cite this