The impact of audit on IT governance: A study of the financial services sector in Ghana

The impact of audit on IT governance: A study of the financial services sector in Ghana

Abstract In recent years, IT governance has been a subject of discussion among academics and practitioners. The concern has been on the need to implement governance mechanisms and ensure the right balance of these mechanisms. However, the audit of IT governance mechanisms has received very little at...

Full description

Saved in:
Bibliographic Details
Published in:The Electronic journal of information systems in developing countries
Main Authors: Asmah, Alexander, Kyobe, Michael
Format: Journal Article
Language:English
Published: 08-10-2024
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Abstract In recent years, IT governance has been a subject of discussion among academics and practitioners. The concern has been on the need to implement governance mechanisms and ensure the right balance of these mechanisms. However, the audit of IT governance mechanisms has received very little attention. This paper aims to analyse the overall impact of IT governance audits on the maturity and coherence of governance mechanisms. Guided by the configurational theory, the researchers argue that when governance mechanisms operate coherently and are regularly audited, there will be improvement in IT governance and the performance of financial institutions. In this study, seven financial services companies in Ghana were reviewed, and their IT governance maturity was assessed after seven months of auditing with a COBIT 5‐driven IT audit framework. Two surveys were conducted, one before and one after the auditing. The findings of the study confirm the claim that regular auditing improves IT governance maturity and coherence. Several governance mechanisms within the case organizations improved to one higher level of maturity on the Capability Maturity Model. This improvement was after seven months of auditing. Regular auditing also improved IT roles and responsibilities, empowered IT personnel and improved the IT budgetary control and architecture of the entities. This study has implications for practice. It emphasizes the importance of independent regular IT auditing and the need to ensure coherence among IT governance mechanisms if effective IT governance is to be achieved in financial institutions.
ISSN:1681-4835
1681-4835
DOI:10.1002/isd2.12349