DOI: 10.1145/3085228.3085286
research-article

Elements that Orient the Regulatory Compliance Verification Audits on ICT Governance

Published: 07 June 2017

Abstract

The term Information and Communications Technology (ICT) refers to a large integrated set of structures and functions used to access, transfer, store and process all forms of information, namely text, voice, data and image. ICT continues to be an important factor in improving organizational management and achieving competitive advantage, since it can be used to add value continuously to almost all business processes. This paper presents and discusses elements that are considered important for guiding verification actions regarding the regulatory compliance of ICT management practices. These elements, hereinafter designated Elements that Orient Regulatory Compliance Verification Audits (ECVAs), are characterized in this paper from a survey of the literature, international and national regulations, and best-practice bodies. Their selection aims at improving ICT Governance in a Brazilian public company, which is used as a reference to validate our choices.


Published In

dg.o '17: Proceedings of the 18th Annual International Conference on Digital Government Research
June 2017
639 pages
ISBN:9781450353175
DOI:10.1145/3085228
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

  • IOS Press
  • Digital Government Society of North America

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Compliance
  2. ICT Governance
  3. Information and Communications Technology (ICT)
  4. Management Elements
  5. Public Company

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

dg.o '17

Acceptance Rates

dg.o '17 Paper Acceptance Rate 66 of 114 submissions, 58%;
Overall Acceptance Rate 66 of 114 submissions, 58%

Article Metrics

  • Downloads (Last 12 months): 3
  • Downloads (Last 6 weeks): 1
Reflects downloads up to 10 Oct 2024

Cited By

  • (2020) Information and Communication Technology (ICT) Governance Processes: A Case Study. Information 11:10 (462). DOI: 10.3390/info11100462. Online publication date: 29-Sep-2020
  • (2019) Social Media facilitate Compliance Communication in Higher Education Institutions. 2019 6th International Conference on Research and Innovation in Information Systems (ICRIIS) (1-6). DOI: 10.1109/ICRIIS48246.2019.9073676. Online publication date: Dec-2019
  • (2019) Economic and Legal Problems of State and Municipal Procurement in the Russian Federation. Digital Economy: Complexity and Variety vs. Rationality (13-22). DOI: 10.1007/978-3-030-29586-8_2. Online publication date: 15-Sep-2019
  • (2019) Modernization of the Russian Agro-Industrial Complex in the Conditions of Increase of Food Security. Digital Economy: Complexity and Variety vs. Rationality (3-12). DOI: 10.1007/978-3-030-29586-8_1. Online publication date: 15-Sep-2019
  • (2019) Search for New Economic Solutions of the Problem of Food Security. Ubiquitous Computing and the Internet of Things: Prerequisites for the Development of ICT (1011-1021). DOI: 10.1007/978-3-030-13397-9_105. Online publication date: 16-May-2019
  • (2018) Best Practices Kits for the ICT Governance Process within the Secretariat of State-Owned Companies of Brazil and Regarding these Public Companies. Information 9:6 (141). DOI: 10.3390/info9060141. Online publication date: 9-Jun-2018
  • (2018) A synthesis of common guidelines for regulatory compliance verification in the context of ICT governance audits. Information Polity 23:2 (221-237). DOI: 10.3233/IP-170059. Online publication date: 29-Jun-2018
