تکنولوژی اطلاعات کنترل مدیریت پروژه و اهداف کنترل برای تکنولوژی اطلاعات و فن آوری مربوط به چارچوب اهداف قردادی تکنولوژی اطلاعات(COBIT)
|کد مقاله||سال انتشار||مقاله انگلیسی||ترجمه فارسی||تعداد کلمات|
|3296||2011||12 صفحه PDF||سفارش دهید||8160 کلمه|
Publisher : Elsevier - Science Direct (الزویر - ساینس دایرکت)
Journal : International Journal of Project Management, Volume 29, Issue 3, April 2011, Pages 325–336
Motivated by scarce academic consideration of project management control frameworks, this article explores usage, value and structure of frameworks with a focus on the popular Control Objectives for IT and related Technology (CobiT) construct. We attempt to add to an empirically validated structure of internal control over IT project management by including CobiT's views on the intended domain of content. Results from the empirical survey indicate that the metrics suggested by CobiT are regarded as feasible and important by project management professionals, and are regularly used in controlling practice. Experience, regularity of significant projects and the size of the hosting organisations, however, seem to be stronger moderators of success rates than the use of a management control system with or without support of CobiT. CobiT's suggestions are of generic nature and in particular useful for programme performance management. The latent dimensions of project quality on process and activity levels were not validated and gaps to other project assessment models were identified.
As organisations worldwide constantly strive for competitive advantage, major tools in pursuing their objectives are well functioning projects and resulting project organisations (Lindkvist, 2008;van Donk & Molloy, 2008). Management control of project progress throughout their lifecycles is becoming increasingly recognised for its importance. Recent findings highlight that management control influences task completion competency and, thus, project management performance (Liu et al., 2010). Internal management control is seen as an attempt to optimise employee behaviour in a way that allows the achievement of organisational goals (Flamholtz et al., 1985). Henderson and Lee's (1992) study revealed a positive relationship between the adoption rates of management control and project management performance. In traditional project management, managers concentrate on monitoring project progress against schedules and budgets. More contemporary approaches embrace a variety of variables of control at different levels and stages of the project process, e.g., user contributions, project team task completion competency, and individual project team's performance (Liu et al., 2010). According to Bryde (2003), 65% of the subjects in his study utilise “methods for managing the meeting of specified project objectives”. Business practice and a fast growing audit and consulting industry are already relying on extensive control frameworks to provide assurance that business objectives are being met and compliance issues tackled. These frameworks are often driven by IT governance objectives which play a prominent role in fostering IS project success (Bowen et al., 2007). One well established example is the Control Objectives for IT and related Technology (CobiT) framework (ISACA, 2008) which is extensively used to control IT related strategies and operations and to support legal compliance with regulative requirements such as those from the Sarbanes Oxley Act or Basel 2 (Hardy, 2006 and Kordel, 2004). CobiT was developed by the Information Technology Governance Institute and its associated Information Systems Audit and Control Association. CobiT and other systems for management control refer to best practice guidelines. However, up to date they have received very limited empirical and theoretical support from academia despite their extensive use in organisations in particular for IT, operational and compliance audits (Ridley et al., 2008). The accounting and information systems domains seem to lack an empirically validated theory of internal control that identifies metrics that determine good control (Tuttle and Vandervelde, 2007). It can be reasoned that organisations adopt control frameworks without investing the considerable time and resources to question the validity of the constructs and dimensions for the subject task and taking into account the specific organisational needs and culture. For this article we chose to focus on two main goals: To explore use and success of control frameworks with a special consideration of the IT project management chapter of the mentioned CobiT framework (i); and to investigate use and implications of individual metrics following suggestions from CobiT (ii). We develop a critical position against the unconditional usage of generic frameworks which is supported by actual project success rates. The research objectives of this article will thus provide insights on success and validity of a popular IT project performance management construct and its metrics, which were cross referenced into other assessment structures and models. Results and insights should therefore also be of value to other related studies. The next section will give more theoretical background. This is followed by the research methodology and a section showing how the CobiT project management sub-structure relates to comparable models from literature. Consequently, findings from the empirical survey according to the given research objectives are presented. The last section concludes the article.
نتیجه گیری انگلیسی
Considerable potential exists for academic research to evaluate IT project management control systems and their effectiveness to determine value for organisations. In this paper we set out to see whether such control systems are used and if control variables are valid, important and used in project management controlling practice. The set-up of this research was guided by critically questioning suggestions from the Control Objectives for IT and related Technology (CobiT) framework, a popular framework used worldwide for IT controlling purposes. In terms of CobiT's project management coverage our research verdict is two-sided. While CobiT's coverage of project management control assessment factors is underdeveloped and too abstract for specific applications, a few important aspects promoted by CobiT such as controlling for post-implementation reviews seem to be regularly missing in other studies. In overall, CobiT metrics seem to have a stronger relation to programme management rather than to the view of individual projects. They reflect aggregated views of project management within organisations and thereby fail to appreciate the many individual, relational, and contextual factors that were found to be significant moderators of project management success. It is therefore not surprising that according to our data the use of control frameworks alone regardless of a reference to CobiT does not significantly promote success of projects. We found that other aspects such as individual experience, the frequency of large projects and the size of organisations all positively correlate with success rates. Regression analysis showed that the former two factors together predict success rates with experience as the most significant aspect. According to this study the overall adoption rate of CobiT for Project Management control frameworks (19%) was significantly lower than other reports suggest. Individual metrics are seen as very important and seem to be confirming the multiple attributive character of project management performance management. Especially costs, time and stakeholder expectations (e.g. scope and quality) showed the highest relevance ratings. Stakeholder expectations are higher valued by project members who regularly participate in projects. The importance of post-implementation reviews is rated higher by successful project members. However, control over these activities through the use of according metrics rated as feasible and important seems underdeveloped. Costs for implementation are high, which is a possible explanation for underutilised metrics expecially of metrics outside the classical time, cost and quality triangle. The suggested latent multi-level classification of metrics into leading and lagging indicators on process and activity levels was not validated by the data. To conclude, the CobiT framework seems to be a viable yet very generic construct to measure project management performance with gaps to studies in particular to those with a focus on specific project settings. Its metrics are seen as feasible and important for project management control and are used in practice but only by a minority of assessed project stakeholders. Industry practice will however find it difficult to implement an effective project performance management system based on CobiT alone due to its very generic nature and focus on programme management relevant for IT governance. Future CobiT related studies that examine IT project management control frameworks may target the gap that was identified in its coverage and develop a more specific, empirically tested multiple attributive model for IT project management control. We also need to know more on how these multiple attributes can be aggregated into consistent dimensions as the suggestions by CobiT were not supported in this study. The analytical hierarchy process for example could be introduced into such frameworks to help practitioners reduce the dimensionality of their models. A further key question to solve remains the identification of mediators of success that can be effectively incorporated into control frameworks to foster their impact on actual project success rates. Contextual elements should be part of frameworks and guide model development to better support the diversity of project management settings. We assume that a focus on project transparency for the benefit of auditors is not sufficient to generate value from IT project performance management systems.