A Systematic Literature Review on IT Governance Mechanisms and Frameworks

Abstract

Nowadays, it is not common to come across sectors that can work and succeed without using information technology (IT). IT has now become a part of organizations' management and strategic decision-making mechanisms. Therefore, organizations make serious investments to develop software and system infrastructures and transfer business processes to digital environments such as cloud technologies. So, they get business resilient while they gain opportunities of spreading their business activities to wide stakeholders and customers. Here it is essential to provide assurance that an organization evaluates, develops, implements, maintains, disposes of its IT systems and manages life cycle of all information and information technology systems properly on all physical and logical environments. However, the most important matter is that an organization’s objectives are met by the management practices of its information systems. While organizations carry out their digital transformation at a dizzying speed, organizations should be protected from material and moral damages such as loss of money, loss of commercial confidential information, loss of reputation by protecting the confidentiality, integrity and accessibility of the information assets they own and also comply with legal legislations such as the protection of personal data and intellectual property rights. In order to achieve this, organizations benefit from one or more frameworks, standards or directives that are suitable for their own structures and needs, separately or by integrating them. However, the most important point in this transformation process is the transition of organizations from IT management understanding to IT governance. In other words, IT has now become a part of the strategic decision-making mechanism by rising from the level of support tool to carry out business processes in organizations. When we search the academic literature, frameworks and standards, it is seen that the key elements of IT governance are structures, processes and relational mechanisms. If these three components are set up correctly and fit the organization, it can be assured that IT aligns with and supports the objectives of the organizations and that effective IT governance is achieved in every kind of organizations. In this research, databases such as Web of Science, IEEE, and SCOPUS are scanned and found articles are reviewed in order to make a literature review on IT Governance Mechanisms and Frameworks. Results are evaluated and discussed. By the way, suggestions for further studies were made and advanced researches were shed light on.