Printer Friendly

Developing a framework to improve and enhance IT services at one Malaysian private university.


Information Technology (IT) is the technology that assists enterprises, organizations, and universities to achieve goals more efficiently and to propel the business into new heights right from the first day. IT governance is a process by which the objectives of the entity that give impact on Information Technology are agreed, directed, and controlled [1]. IT governance facilitates an efficient organization and opens opportunities for the organization to achieve competitive advantage [2]. Effective IT governance is responsible for distributing the decision making to the individuals that are best qualified to be privy to the needs of the organization and the implications of these needs [3].

For universities, IT has become critical in all aspects such as teaching, researching and administration. IT has become a strategic partner and an effective strategic instrument for most universities and educational institutions [4][5].

As a result of the importance of IT governance (ITG) at universities, an IT governance framework is developed to provide more efficient and better IT services in order to improve and enhance the performance of IT services in one of the Malaysian private universities.


The most commonly used IT Governance definition was brought forward by Weill & Ross, ITGI, Webb, Pollard, & Ridley and Van Grembergen & De Haes. Some of these definitions are:

"IT governance is about specifying the decision rights and accountability framework to encourage desirable behaviour in the use of IT" [3].

"IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that the organization's IT sustains and extends the organization's strategies and objectives" [2].

"IT Governance is the strategic alignment of IT with the business such that maximum business value is achieved through the development and maintenance of effective IT control and accountability, performance management and risk management" [6].

On the basis of the above definitions, it is evident that there are differences among them but they also have similarities one of which is their main focus on similar issues and aspects of organizations; for instance, aligning business with IT and the responsibilities of the board. This definition of IT governance is selected as the Control Objectives for Information and Related Technology (COBIT) framework upon which the present study is based on [2][3][7].

IT governance is basically concerned with the way IT delivers value and it's the management of the risks associated with it which can be brought about through the strategic alignment of business and IT, resource management and performance management [2][8].

Moreover, IT governance's main focus areas are urged by stakeholder value and they are five; two are outcomes in the form of value delivery and risk management while three are drivers in the form of strategic alignment, resource management and performance measurement. An explanation of these drivers is provided below [9]: Strategic Alignment--This guarantees that the relation between business and IT plans are driven to provide a definition, to sustain and validate proposed IT value and to align IT and firm's processes.

Value Delivery--This executes the value proposition across the cycle of delivery while at the same time making sure that IT delivers benefits for the strategy, and focuses on maximizing costs and on realizing intrinsic IT value.

Resource Management--This optimizes critical IT resources investments consisting of processes, people, applications, infrastructure and information and ensures their proper management. The optimization of knowledge and infrastructure has related crucial issues. Risk Management--This refers to the promotion of awareness of risk of senior corporate officers and their explanation of the firm's intention to be open to risk, and its vulnerability to risks that the firm is facing and the appropriation of management responsibilities. Performance Measurement--It refer to tracks and monitors of implementation strategy, completion of the project, use of resources, performance of processes and delivery of service with the help of balanced scorecards translating strategy into action to attain objectives that can be measured through unconventional means. Figure 1, depicts areas of IT governance with the preferred initial starting point as IT strategy alignment even though it is possible to start at any area.


Some researchers suggested that a framework of structures, processes, and relational mechanisms can be used for the implementation of IT governance. The structures encapsulates the presence of well defined roles and responsibilities and IT steering committees while processes includes strategic decision-making and the utilization of differing IT governance and management standards such as Information Technology Infrastructure Library) ITIL and COBIT which provides Information System (IS) organization with ways to examine its activities and its business value. Finally, the relational mechanisms encapsulate shared learning and strategic communication between business and IT and ensuring proper constant effective communication [7].


Currently, organizations are showing interest in adopting the best practices and standards for IT governance. A framework offers the boundaries, the principles to follow and the guidelines through which a vision is provided as a philosophical base and the construction structure. It offers the basic structure that is flexible to apply in a certain environment [10]. These frameworks such as COBIT and ITIL provide useful guidelines for universities to improve the performance of its IT services and to maintain acceptable IT service quality.

The Model of Control Objectives for Information and Related Technology (COBIT) offers effective practices throughout a framework and lays down activities in an organized and flexible structure. These practices assist in optimizing IT-enabled investments, guarantee delivery of service and offers protection against who's accountable for the wrongs [2]. The model postulates four stages in the information systems lifecycle, namely plan and Organize (PO), Acquire and Implement Automated Solutions (AI), Deliver and Support (DS), and Monitor and Evaluate (ME). For the purpose of the identification of the right step to achieve IT excellence, companies are required to implement COBIT [2][11].

Information Technology Infrastructure Library (ITIL) describes IT services as based on the utilization of Information Technology and reinforces the customer's business processes. Also, it regards IT Service Management as the employment and management of quality IT services that satisfies business needs [12]. ITIL is one of the most used sets of best practices in the IT society [13]. As a set of comprehensive best practice that provides support and delivery through the use of high quality IT services.

ITIL is primarily a framework that governs IT and focuses on the continuous measurement and enhancement of IT service quality delivery. ITIL comprises of five service levels which are also known ITIL service lifecycle, namely service strategy, service design, service transition, service operation, and continual service improvement [12][14].


The basic and vital element that's guides the complete research processes is called as research methodology. Employing a good research methods facilitate and sustains the successful completion of the research study. Research methods can be classified as: quantitative, qualitative, and mixed methods. All these forms can be used to recognize research problems and to answer the research questions [15][16]. In this study, a mixed approach found to be suitable to gain better understanding of this study. Survey questionnaire and interviews are the methods used in this study. After data were collected by using interview and survey questionnaire, the data was analyzed by looking for relationships and themes in data. The objective of the questionnaire is to establish the situation of IT services at the university by gauging the perception, and satisfaction level of the services provided by the IT unit and their staff to the system users. The questionnaire which consists of 21 questions, were distributed randomly to 50 system users from the university. Besides the use of questionnaire, data is collected from the interview which aims to establish the situation to challenge surrounding IT services, and to establish the ways IT services are aligned to business. In questionnaire, the response rate is 100% and the results are analyzed using statistical software SPSS17. In addition, this research study uses the model of Cronbach's alpha, as a fundamental measure to evaluate the reliability of the questionnaire. The value of Cronbach's alpha, ranges from 0 to 1. When the value is greater than 0.7, it is considered an acceptable value with the indication that the confidence of the research is high [17]. In this research study, the percentage of Cronbach's alpha is (.838). While the data is obtained from interviews with two personals engaged in IT services. These interviews are conducted face-to-face. The questions of the interview focus on their experiences related to IT services. A set of 15 questions are asked during the interview. The data were analyzed based on a relationship and a theme of collected empirical data.

VI. Results & Findings

In this study, the analysis of data and results carried out through the use of interviews and questionnaires. The data of questionnaire was analyzed by using statistical analysis. While for interviews a thematic analysis was used. The finding of survey questionnaire is based on the perception of the system user. The data includes positive and negative findings. The positive findings are: the services provided by IT unit are valuable to the users and the users' information is protected.

While the negative findings are: (i) there are weakness in the features and speed of the Internet provided by IT services in the university (ii) lacks of continuous maintenance of services in IT unit, while the IT service staffs lacks the ability to understand and troubleshoot the problems (iii) there is lack of assistance provided by the help desk of IT service (iv) the quality of IT service is moderate. The findings of interviews include positive and negative findings. The positive findings are IT service facilities within university are tangible, satisfactory and the applications and system software is considered good tasks provided by IT service providers.

The negative findings of interviews are: (a) lack/insufficient of implementing standards. The lack of implementing standards in the university was lead to weaknesses in performance of IT services (b) structures and processes do not work out well. The lack of structures and procedures that work well has affected the alignment between business strategies and IT (c) the lack of alignment between business and IT has affected the services provided by the IT unit in university in a negative manner.

IV. IT Service Framework

A framework is used as a tool to provide the planning, monitoring, and evaluation of research [18]. The needs for using a framework is to assist in the clarification of an outline and in stating a new vision to the organization and helps the organization understand its strengths and weaknesses. Through the establishment of such a framework, university can use it to accomplish its goals, and to enhance the IT services within the university grounds. Hence, one of the main objectives of this study is to propose an IT framework to govern IT service at the university. In this study the framework is categorized into four parts shown in Figure 2, to cover all aspects on how to govern IT services at the university.

Primary stage 1 proposed proposes an organizational chart that makes the governing of IT services possibility. The organizational chart is essential as it determines and affects the sharing of information in organizations. Besides, the chart is a means to check on what the organization has planned to do. Also, it enables the management of the university to achieve appropriate governance in IT services through monitoring its different units. This study proposes a governance chart, which is presented in a hierarchical frame work, to provide a clear depiction with regards for making a strategic decision on IT service.

Primary stage 2 clarifies the gaps in IT services in the university and propose the solutions. These gaps were based on the findings from the questionnaire and interviews. There are three essential elements namely structures, processes, and relational mechanisms that require close examination in the implementation of IT governance framework. These three elements ensure the improvement of the IT services at the university [7]. Following identification of the gaps, the researcher proposes specific recommendations on how to close each of the gaps.

Primary stage 3 describes the cycle of IT services in the university. This cycle enables the framework to accomplish its mission in the improvement and enhancement of the services provided by the IT unit. It acts as a road map for the improvement and enhancement of IT services at the university. The life cycle includes five levels, starting from level 1(strategy) to level 5 (Continual service improvement).

Primary stage 4 proposes transformational plan for the implementation of IT governance framework on IT services, which is designed based on the proposed IT service life cycle and the findings of this study. The life cycle presents five levels that the university should undergo to identify its current position and to move to the desired level. In order to improve and enhance the services that provided by the IT unit, it is necessary to start from the first level and gradually reach the fifth level of the cycle.


This study reveals the achievements in fulfilling the goal of providing valuable insights and proposing a framework for IT service unit at one Malaysian private university. All managers and staff have to take into account that IT service unit is one of the cornerstones to improve all services at the university. By following the correct and uniform stages of the proposed framework, this will present a structured and organized environment for all university staff to improve and enhance all services provided by IT unit.

Moreover, the aim of this study is presenting an IT governance framewok, which will assist the senior manager and staff of the IT unit at the university to improve and enhance IT services. This will help to reduce costly surprises, and lead to better outcomes. Ultimately, all of these will help and assist the university in achieving its goals and objectives.


[1] W. Van Grembergen and S. DE Haes, "Enterprise governance of information technology: achieving strategic alignment and value," New York: Springer, 2009.

[2] ITGI (IT Governance Institution), "Control objectives for information and related technology", 4.1th Edition, Rolling Meadows, IL, 2007, available at:

[3] P. Weill and J.W. Ross, "IT Governance: how top performers Manage IT Decision rights for Superior Results," Boston: Harvard Business School Press, 2004.

[4] CRUE. "Governance of information technology in Higher Education," Spain: Spanish Association of University Rectors, White Paper, 2009.

[5] N. Ravjee, "The politics of e-learning in South African Higher Education," International Journal of Education and Development using Information and Communication Technology (IJEDICT), vol. 3, no. 4, 2007, pp. 27-41.

[6] P. Webb, C. Pollard, and G. Ridley, "Attempting to define IT governance: wisdom or folly?," Proceedings of the 39th Hawaii International Conference on System Sciences, 2006.

[7] W. Van Grembergen and S. DE Haes, "Implementing information technology governance: models, practices and cases," New York: IGI Global, 2008.

[8] ISACA (Information System Audit and Control Association), "About ITGI," 2009, available at:, retrieved on 5 November 2012.

[9] S. Buckby, P. Best, and J. Stewart, "IT governance and service management: frameworks and adaptations," Aileen Cater-Steel (ed.), The Current State of Information Technology Governance Literature, Hershey: IGI Global Publishing, 2009, pp. 4-55.

[10] G. Ridley, J. Young, and P. Carroll, "COBIT and its utilization: a framework from the literature," Paper presented at the 37th Annual Hawaii International Conference on System Sciences (HICSS'04), 2004.

[11] N. Robinson, "IT excellence starts with governance,". Journal of Investment Compliance, vol. 6, no. 3, 2005, pp. 45- 49.

[12] OGC (Office of Governance Commerce), "The official introduction to the ITIL service lifecycle," UK: TSO, 2007.

[13] TeamQuest, "TeamQuest and ITIL: enterprise IT best practices Part 4," White paper, USA, 2010

[14] itSMF (IT Service Management Forum), "An introductory overview of ITIL V3: a High-Level Overview of the IT Infrastructure Library," itSMF Ltd, 2007.

[15] M. Saunders, P. Lewis, and A. Thornhill, "Research methods for business students," 5th. Ed. London: Person Education Ltd, 2009.

[16] M. D. Myers, "Qualitative research in business & management," London: Sage Publications Ltd, 2009.

[17] Jr. Hair, W. C. Black, B. J. Babin, and R. E. Anderson, "Multivariate Data Analysis," 7th. Ed. Pearson Prentice Hall, 2010.

[18] B. D. Carrier, and E. H. Spafford, "Categories of digital investigation analysis techniques based on the computer history model," Digital Investigation, vol. 3, 2006, pp. 121-130.

Rasha Adnan Khther, Marini Othman

College of Information technology, University Tenaga Nasional

Jalan IKRAM- UNITEN, 43000 Kajang, Selangor Darul Ehsan, Malaysia

COPYRIGHT 2013 College of Information Technology, Universiti Tenaga Nasional
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2013 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Author:Khther, Rasha Adnan; Othman, Marini
Publication:Electronic Journal of Computer Science and Information Technology (eJCSIT)
Article Type:Report
Geographic Code:9MALA
Date:Jan 1, 2013
Previous Article:Development of a semi-automated electoral system: case study: Nigeria electoral system.
Next Article:A Delphi study into the audit challenges of it governance in the Australian public sector.

Terms of use | Privacy policy | Copyright © 2019 Farlex, Inc. | Feedback | For webmasters