Stewardship Models of IT Governance Beyond Agency Theory.doc

《Stewardship Models of IT Governance Beyond Agency Theory.doc》由会员分享，可在线阅读，更多相关《Stewardship Models of IT Governance Beyond Agency Theory.doc（15页珍藏版）》请在三一办公上搜索。

1、Stewardship Models of IT Governance: Beyond Agency TheoryRefereed research paper submitted to MWDSI, Chicago, April 2007Information Technology and E-Business TrackPaul S. Licker, Ph. D.School of Business AdministrationOakland UniversityRochester, MI 48309lickeroakland.edu248-370-2432Stewardship Mode

2、ls of IT Governance: Beyond Agency TheoryAbstractMost approaches to IT governance are grounded in agency theory (Jensen and Meckling, 1976, 1994). Agency theory assumes that the interests of owners and managers are inherently in conflict and that defensive activities are necessary by owners to prote

3、ct these interests. Stewardship theory (Donaldson and Davis, 1991) points out that these assumptions arent always true. A series of theoretical propositions concerning the stewardship model were made by Davis, Schoorman and Donaldson (1997). Their ideas, in conjunction with ideas on best practices i

4、n IT governance from Weill and Ross (2004) provide an explanation for variance in the effectiveness of a variety of governance models. Application of the stewardship model results in several novel approaches to IT governance and technology management, especially with regard to post-implementation va

5、lue delivery.Stewardship Models of IT Governance: Beyond Agency TheoryAn Alternative View for IT Governance Most ideas of IT governance are grounded in agency theory (Jensen and Meckling, 1976, 1994). Stewardship theory (Donaldson and Davis, 1991) points out that the assumptions of agency theory are

6、nt always true. Their alternative, called “stewardship theory” (Davis, Schoorman and Donaldson ;1997) predicts that IT governance should resemble that predicted by agency model less than it does in practice. This paper provides reasoned speculation for the differences and proposes empirical work to

7、demonstrate why these differences have arisen. Application of the stewardship model results in several novel approaches to IT governance and technology management, especially with regard to post-implementation value delivery.IT Governance: IntroductionWhile IT expenditures in all sectors of the econ

8、omy have mushroomed, concern over budget has also risen and expanded to concern in other areas, such as governance. IT governance encompasses all areas of corporate information and information systems responsibility. In an era of close examination of corporate responsibility and the critical role of

9、 information in this, additional increased scrutiny of IT governance is a natural result. One approach to “curing the disease” is to institute or improve IT governance (Ross & Weill, 2004). Ross & Weill claim, for example, that “effective IT governance is the single most important predictor of the v

10、alue an organization generates from IT.” Given the power of that predictor, there must be large rewards in governing IT effectively. However, its not immediately clear how to do this and much of that advice about effective IT governance is confusing because of the multiple ways in which it is define

11、d and implemented.A Definition of Corporate GovernanceIT governance is a type of corporate governance. The term “corporate governance” typically refers to the relationship between the owners of firms and the management they hire to run their firms for them (typically CEOs and other “C-level” people,

12、 often professional managers). A typical definition is one by Tirole (2001) who says “The standard definition of corporate governance refers to the defense of shareholders interests.” Corporate governance is the process through which those interests are defended, given that owners are cut off from d

13、ay-to-day activities of their firms and arrange to have managers run the enterprises. Corporate governance however, must be concerned with, on the one hand, minimizing the costs and risks of this arms-length management and, on the other, with maximizing returns to the owners using the skills of the

14、hired management. These days, risks are also legal and ethical and returns are complex, and not necessarily defined only in monetary terms. Hence corporate governance is not a simple process and in many large firms can require a great deal of attention. In most senses, corporate governance is a join

15、t project of the owners and managers. Given the gap assumed to exist between these two and the specialized knowledge needed to make IT useful, IT governance can only become more complex to handle, which is why, to some extent, IT governance turns out to be very challenging.IT Governance DefinedWebb,

16、 Pollard and Ridley (2006) performed a content analysis on a dozen definitions of IT governance. They noted a “lack of clarity” in the concept of IT governance, but derived a composite definition: “IT Governance is the strategic alignment of IT with the business such that maximum business value is a

17、chieved through the development and maintenance of effective IT control and accountability, performance management and risk management” (emphasis mine). Ross and Weill (2004) define IT governance as “specifying the decision rights and accountability framework to encourage desirable behaviors in usin

18、g IT”(p. 2; emphasis mine). In a similar vein, Peterson (2004) defined IT governance as “the distribution of IT decision-making rights and responsibilities among enterprise stakeholders, and the procedures and mechanisms for making and monitoring strategic decisions regarding IT” (pg. 8, emphasis mi

19、ne). Van Grembergen, De Haes and Guldentops (2004) cite a list of IT governance definitions including “The organisational capacity to control the formulation and implementation of IT strategy and guide to proper direction for the purpose of achieving competitive advantages for the corporation” (MITI

20、, 1999; emphasis mine), “leadership and organisational structures and processes that ensure that the organisations IT sustains and extends the organisations strategy and objectives” (ITGI, 2001; emphasis mine) and “control the formulation and implementation of IT strategy and in this way ensure the

21、fusion of business and IT” (Van Grembergen, 2002; emphasis mine). The core of these definitions lies in the italicized phrases: control and guidance of IT management and user behavior towards corporate goals. Implied by these definitions are the ideas that (1) IT is in a sense separate, separable, a

22、nd different from the corporation, (2) IT will not, by itself, work in consonance with those goals and (3) IT therefore needs to have its behavior and the behavior of those using the products of IT controlled and guided. Hence IT governance is inherently more specific and complex than corporate gove

23、rnance from which it has evolved (Webb, Pollard and Ridley, 2006). As a complex activity, it requires structure. IT Governance ApproachesThere are two broad approaches to governance of IT. The first focuses on decision and authority structures and the second on the activities of IT itself. Most writ

24、ers adopt an “architectural” approach, designing authority, usually decision authority, within a structure. Theoretically, Sambamurthy and Zmud (1999) refer to three different architectural approaches (centralized, decentralized and federal) while Weill and Ross (2005) expand and embellish this list

25、 to six (business monarchy, IT monarchy, feudal, federal, IT duopoly and anarchy). In practice, there are many ad hoc approaches, including steering committees and user groups, but two consistent and systematic approaches stand out (COBIT (IT Governance Institute, 2007) and ITIL(Office of Government

26、 Commerce, 2001). These practical frameworks focus on control, security and accountability in the service of goal alignment. All approaches recognize the challenges of IT governance.IT Governance challengesThese are most clearly discussed in terms of the challenges facing IT governance and the capab

27、ilities or resources needed to meet those challenges. Korac-Kakabadse and Kakabadse (2001) term the two sets of challenges “control” and “stakeholder”.Governance is intended to handle challenges in IT in three ways referred to by Peterson (2001, 2004) as “structural”, “process” and “relational”. The

28、 first is focused on strategic alignment (Weill and Ross, 2004) and refers to the structural relationship of the IT function to the rest of the firm. While most pundits agree that IT is used in organizations to further strategic goals, there is some disagreement about how to make that happen and eve

29、n how to determine that alignment has actually happened. This set of alignment problems is a relatively recent concern for organizations. As organizations moved from business process automation to information-based strategic management (Venkatraman, 1994; Ward and Elvin, 1999) the potential for impa

30、ct on enterprise activities increased. While, again, there is some disagreement as to the level, type, and sustainability of IT-enabled strategic advantage (Carr, 2003), there is no disagreement as to the impact of IT on strategic initiatives in todays business. Hence there is concern that IT at lea

31、st not work against strategic interests by diverting resources (especially financial resources, of course) or creating barriers through opaque or faulty systems. Good governance is intended to insure the alignment of the presumed IT interests of technical excellence and efficiency with those of the

32、firm at large. Much of this structural discussion has centered on the role of the Chief Information Officer (CIO) and the proper placement of this person relative to others in the executive suite. Another concern is Strategic Information Systems Planning (SISP, (Lederer and Hannu, 1996), an exercise

33、 in planning for the information systems function defined as “a portfolio of computer-based applications that will assist an organization in executing its business plans and realizing its business goals.”One goal of SISP is executing appropriate and presumed goal-aligned resource allocation, which P

34、eterson (2004) suggests is related to process capability. In the broad sense of the function and structure of all IS resources, this refers also to the architecture, procurement patterns, and usage patterns of IS physical and intellectual resources. Governance resource allocation goals include the a

35、ppropriate translation of aligned, strategic IS goals into IS operational and developmental effort. Much of this work is focused on technical architecture, both physical and functional, and especially on justification and evaluation of IT expenditure for purchase or lease of hardware and development

36、 of software applications.While alignment and resource allocation challenges at least have conventional approaches (SISP and enterprise resource planning, for example), it is in the area of management of the information systems function that governance challenges have proven difficult to solve. This

37、 is primarily because IS management has traditionally been isolated from general management; there are few points of commonality in training, temperament and terms. Peterson points out that the “key to relational capability is the voluntary and collaborative behavior of different stakeholders to cla

38、rify differences and solve problems, in order to find integrative solutions” (2004, pg. 15). Obtaining this collaborative behavior is not easy. The history of information systems is one of user-IT professional conflict, broken promises and frustration all around, in the midst of an explosion of usef

39、ul IT applications.Thus as a solution to corporate IT challenges, IT governance is itself problematic. A number of approaches at a number of levels involving a number of management philosophies have created confusion, making it difficult to translate IT governance, as a way of implementing protectio

40、n of owners property into actual IT practice in the hands of technical experts and users. Perhaps one difficulty with meeting governance challenges might be in the fundamental theory underlying the ideas of governance as practiced in most firms, namely agency theory, to which we turn now. Agency The

41、oryAgency Theory DefinitionAgency theory (Eisenhardt, 1989) is a view of corporate governance that attempts to explain the mutual behavior of principals (generally owners of firms) and the managers of those firms (termed “agents). In agency theory, agents and owners act as self-interested parties de

42、spite the necessity for them to work together to achieve corporate outcomes. Agency theory makes no explicit assumption about the alignment of principal and agent goals. However, agency theory mainly addresses the “agency problem” which arises when these goals are not aligned and when the behavior o

43、f agents cannot be assumed to be consistent with the goals of the principals. A typical solution to the is to create mechanisms through which agent behavior is forced into alignment through controls or inducements. The former is commonly accomplished through audits and performance evaluations by the

44、 board of directors (with the threat of dismissal as the punishment for non-aligned performance). The latter provides financial rewards if corporate performance is within a desired range. Central to these mechanisms is the act of delegation from principal to executive. It is actually the act of dele

45、gation rather than specifically who is doing and receiving the delegation (owner to CEO) and the risks involved. Thus, agency theoretic ideas can be percolated downward through the management chain to any level of management. Presumably the lower the level of management, the easier the performance a

46、udit becomes (because the activities are more time limited and narrower in scope) and the more highly defined the economic inducement (generally limited to compensation). Assumptions of Agency TheoryThe assumptions of agency theory are simple. 1. People are rational 2. They make decisions on economi

47、c grounds and 3. They attempt to maximize their own utility functions. Given the nature of corporations, with distant owners and rapidly changing operational conditions, it is unlikely that principals and agents have closely aligned interests; hence it is expected that agents and principals will not

48、 act in alignment. The interests of principals must be defended, therefore, through strategies to control the behavior of agents. Use of Agency Theory in ManagementPractically speaking, agency theory is useful in evaluating control and motivational schemes through which principals and agents can com

49、municate economically, given the assumptions of conflicting interests. Agency costs arise from the execution of these schemes. It is desirable to keep these costs sufficiently low; otherwise, the principals will find themselves managing their firms. In addition to direct economic inducements through bonus schemes and dividend