Date of Award


Degree Type


Degree Name

Doctor of Business Administration


Faculty of Business and Law

First Advisor

Associate Professor Dieter Fink


The emergence of corporate governance is the response to recent high profile collapses of organisations such as Enron and WorldCom. Because of the ubiquitous nature of Information Technology (IT) and its influence on organisational activities, IT governance is increasingly seen as an integral part of corporate governance. However, existing literature shows the lack of a common understanding of IT governance due to various perspectives held amongst academics and practitioners. For example, schools of thought group IT governance according to structure with an emphasis on control and co-ordination or process with an emphasis on capability and continuity. The purpose of this research was to identify the key dimensions of IT governance from existing best practice frameworks and academic literature and to examine how they are reflected in the IT governance practices of organisations. Various legislations (e.g. Sarbanse-Oxley Act, 2002), best practice frameworks (e.g. Val IT, COBIT) and the writings of academic researchers (e.g. Van Grembergen, Weill & Ross) were reviewed which resulted in the synthesis of the following four key IT governance dimensions: Structures, People, Processes and IT Decision Domains, which were further divided into a set of sub-dimensions. Among the domains of IT governance, risk management and value delivery are regarded as core and, as such, provided the focus for the empirical part of the research. Four major universities located in Perth, Western Australia, chosen as case studies, constituted two equal groups based on their relative emphasis of IT governance, viz. risk management or value delivery. The case study methodology was justified on the basis of the relative newness of the research domain and enabling "how", "what" and "why" questions to be explored. Semi-structured interviews with the IT Directors I CIOs of the four case organisations were conducted in which their IT governance (risk management/value delivery) practices were mapped against the identified theoretical dimensions. Data triangulation enhanced validity and reliability by using multiple data sources such as data from organisations' websites. Interviews were transcribed and computer-based qualitative data analysis software (NVivo) was used to build the case study database and to analyse data against the theoretical IT governance dimensions. First, a within case analysis provided "what" and "how" insights followed by cross case analysis in which "why" aspects are discussed. This study found that IT governance is shaped by a number of sub dimensions, particularly organisational culture and leadership. They drive how IT governance is implemented and accepted within the participating organisations and influence whether or not an IT governance culture will be ingrained into the organisation. In addition, a strategy balancing formal, such as committee meetings, and informal communications, such as dialogues and networks, seemed to influence IT governance. lt was notable that performance tracking was a weak and immature dimension and further attention is required from the participants to clarify what and how to measure the progress of IT governance. Finally, it was generally accepted that IT governance should be viewed from a holistic perspective to be able to oversee, coordinate and integrate all the constituents including processes, tools, structures and resources. The study findings enabled recommendations to be formulated to provide practical advice to other, similar organisations. The thesis recognises a number of limitations which provide opportunities for further research. Among them are the nature of IT governance dimensions developed for this study and the research design which limits the potential for generalisation. By using this study as a reference point, future research can be expanded into different directions, such as examining IT governance in a wider context (e.g. different domains and sectors), establishing the influences of the characteristics of IT managers I CIOs (e.g. management traits) and developing progress towards IT governance maturity (i.e. a longitudinal study).