Exploring the importance and implementation of COBIT processes in Saudi organizations

Abu‐Musa, Ahmad A.

doi:10.1108/09685220910963974

Cited by 25 publications

(15 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The adjustment of complexity and initial implementation problems with COBIT 5 require specific and detailed guidance [2], [29], [30], [4], [33]. To address these issues the development of a minimum baseline, as known from COBIT 4.1 [43], indeed would possibly depict a suitable approach [3].…”

Section: Discussionmentioning

confidence: 99%

“…Generally a criticism on the complexity of frameworks like COBIT 5 is issued in literature [2], [29], [4], [31], while some authors address more specific aspects of COBIT. In particular, a group of publications determines, that the implementation is considered challenging since there is no or insufficient guidance on how to plan, initiate and structure this important, costly and critical process [3], [4], [31], [33]- [37]. The degree of complexity of COBIT 5 becomes ultimately tangible when consulting the research project by Bartens et al [32], which dealt with the prototype development for designing [38] a graphical layer onto the COBIT 5 process model as a possible addition to ISACA's COBIT 5 knowledge base and product suite.…”

Section: Complexity Of Egitmentioning

confidence: 99%

See 1 more Smart Citation

On the Way to a Minimum Baseline in IT Governance: Using Expert Views for Selective Implementation of COBIT 5

Bartens

Haes

Lamoen

et al. 2015

2015 48th Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

Information Technology (IT) nowadays is integral part in most organizations and business models, putting Enterprise Governance of IT (EGIT) in focus of researchers and practitioners. A common approach for the implementation of EGIT in organizations is the use of best-practice frameworks, of which COBIT 5 is a very well-known example. However, recent studiesshow that COBIT 5, with its 37 EGIT processes, is often perceived as complex and organizations do not know where to start. To contribute to this concern, this papers reports on a Delphi study that was conducted to capture data on the perceived ease and effectiveness of specific COBIT 5 processes. Our results as such identify (perceived) effective and easy processes as a starting point for IT governance implementations. Experts view processes in the more strategic and governance area typical as more effective but less easy to implement. The more operational processes are typically experienced as easier to implement but also less effective. The result also reports that, according to experts, the most important process to start an EGIT implementation is the process around managing the IT related strategy.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Complexity Of Egitmentioning

confidence: 99%

On the Way to a Minimum Baseline in IT Governance: Using Expert Views for Selective Implementation of COBIT 5

Bartens

Haes

Lamoen

et al. 2015

2015 48th Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

show abstract

“…A system of internal control is a structured process that comprises five integral and inter-related elements which should assist in the mitigation of risks which, in turn, should provide reasonable assurance that relevant business objectives will be attained in the foreseeable future (COSO, 1992) (COSO, 2012). The five inter-related elements of a system of internal control pertain to (Coetzee, 2006) (Abu-Musa, 2009) (COSO, 2012) (McNally, 2013); (Martin, Sanders, & Scalan, 2014): 1) control environment (the overall attitude of management towards internal control), 2) risk assessment (the identification and evaluation of risks), 3) internal control activities (the activities which prevent, detect and correct risks), 4) information and communication (the dissemination of information to allow relevant stakeholders to achieve their individual objectives to, in turn, help a business entity achieve its objectives), and 5) monitoring (ensuring that all elements in the system of internal control are adequate and effective). Although all of the five aforementioned inter-related elements are essential for a system of internal control to operate adequately and effectively, this study placed focus on the element of internal control activities within a South African SMME dispensation.…”

Section: Introductionmentioning

confidence: 99%

Do Internal Control Activities Adversely Influence the Profitability and Solvency of South African SMMEs?

Bruwer¹

2018

JEBS

View full text Add to dashboard Cite

Internal control activities should provide reasonable assurance surrounding the attainment of business objectives in the foreseeable future, be they financial or non-financial in nature. Recent studies suggest that internal control activities used within South African Small, Medium and Micro Enterprises (SMMEs) are inadequate and/or ineffective they do not provide reasonable assurance surrounding the attainment of relevant objectives. For this study emphasis was placed on whether internal control activities used by South African SMMEs had an adverse influence on their profitability and solvency. Data were obtained from 119 members of management of South African SMMEs, which allowed a total of14 relationships to be tested. Only four relationships were found to be statistically significant which led to the rejection of the two developed hypotheses. Stemming from the results, it appears that there may be a need for the development of formal policies pertaining to internal control within a South African SMME dispensation.

show abstract

“…In [14] Abu-Musa has made an empirical survey using selfadministered questionnaire among 500 Saudi organizations and 127 valid respond was collected. His findings claims that banks and financial organizations show more concerns to IT governance than other industries.…”

Section: Related Workmentioning

confidence: 99%

Investigation of the COBIT Framework Input/Output Relationships by Using Graph Metrics

Ateser¹,

Tanriover²

2014

Annals of Computer Science and Information Systems

View full text Add to dashboard Cite

Abstract-The information technology (IT) governanceinitiatives are complex, time consuming and resource intensive. COBIT, (Control Objectives for Information Related Technology), provides an IT governance framework and supporting toolset to help an organization ensure alignment between use of information technology and its business goals. This paper presents an investigation of COBIT processes' and inputs/outputs relationships with graph analysis. Examining the relationships provides a deep understanding of COBIT structure and may guide for IT governance implementation and audit plans and initiatives. Graph metrics are used to identify the most influential/sensitive processes and relative importance for a given context. Hence, the analysis presented provide guidance to decision makers while developing improvement programs, audits and possibly maturity assessments based on COBIT framework.

show abstract

Exploring the importance and implementation of COBIT processes in Saudi organizations

Cited by 25 publications

References 9 publications

On the Way to a Minimum Baseline in IT Governance: Using Expert Views for Selective Implementation of COBIT 5

On the Way to a Minimum Baseline in IT Governance: Using Expert Views for Selective Implementation of COBIT 5

Do Internal Control Activities Adversely Influence the Profitability and Solvency of South African SMMEs?

Investigation of the COBIT Framework Input/Output Relationships by Using Graph Metrics

Contact Info

Product

Resources

About