Keywords

1 Introduction

Information technologies are evolving in business use at an endlessly increasing extent - e-Government, distance/hybrid education, e-Health, e-Commerce, e-collaboration, are just few examples of influential applications, which shape strategies in both private and public business sector. Getting more value from IT is an increasingly important organizational competency [2]; in this context, IT Governance is an instrument aimed to ensure that business organizations will meet their strategic goals.

IT Governance is a part of corporate governance, focused on specifying the decision rights and accountability framework to encourage desirable behavior in using IT [2]. In [2], the authors emphasize the importance of IT Governance in organizations as an integral part of the corporate governance. The purpose of IT Governance concerns overseeing design and implementation of processes, structures and relational mechanisms in organizations to enable both business- and IT people to execute their responsibilities in support of Business/IT alignment as well as the creation of business value from IT-enabled business investments.

In this study, we examine IT Governance in the context of public organizations. The values of public organizations are notably associated with important social outcomes and require therefore long-term strategies and strong commitments in all their operational areas, including IT. Whereas opportunities are limitless, resources are scarce, and operations’ complexities are growing. In order to be successful in creating values from their IT, modern public organizations have to ensure continuous engagement of beneficiaries (citizens) into setting the objectives for the IT and evaluation of the results as well as continuous engagement of partner organizations (co-producers) into standard creation and use [1, 3].

Meeting these requirements is challenging due to inherently hierarchical structure of public organizations and centralized decision making that also applies to their IT management. Whereas efficient in closed and stable business environments, centralized decision making shows serious drawbacks in open environments driven by innovations. Modern public organizations need to become a part of dynamic innovative ecosystem where they co-create value with citizens, government, policy-makers, as well as with other public and private organizations and institutions. To succeed in their missions, public organizations need to master governance styles to overcome the shortcomings of hierarchical structures and centralized decision-making.

Public value describes the value that an organization contributes to society. For public organizations, it is the value developed for individual citizens, communities and organizations through provisioning of services, including lately increasing extent of online services enabled by IT. Thus, we consider public value as a foundational concept for structuring of IT Governance in the public sector. Furthermore IT-enabled value creation heavily depends on the organizational context – for effectively designing IT Governance structures, processes and relational mechanisms, public organizations need to define the context of IT Governance, which aside from organization’s value is influenced by its core functionalities, involved authorities, legislations, and other.

In this research study, we consider IT Governance as an organizational capability. The interest in reasoning about IT Governance in an organization in terms of capabilities is twofold: (a) capability can operationalize the value from IT by defining the ability for delivering this value by compounding context-specific relevant behaviors in using IT; (b) capability can support configurability, re-use and mapping of IT Governance structures, processes and relational mechanisms in an organization.

The remainder of the paper is organized as follows: in Sect. 2 we present the relevant theoretical background; in Sect. 3 we describe our approach for structuring IT Governance as capability, and in Sect. 4 we illustrate these results on a case of the Higher Education sector. Section 5 provides discussion, concluding remarks and directions of future work.

2 Background

2.1 Organizational Styles

The terms centralization and decentralization often refer to the points of power over the decisions made in an organization. According to [4], when all the power for decision making rests at a single point in the organization (“center”) - the structure should be called centralized; when the power is dispersed among many organizational entities, the structure should be called decentralized; when decision making is shared between the center and the other organizational entities, then the structure is federated.

Centralized organizations are very stable and robust but they cannot respond easily to change and are typically slow in acting. This also applies to their IT. Following [4, 5], we summarize the following reasons for decentralization in IT:

  • Decision-making powers need to be shared. Power has to be placed where the knowledge is.

  • Innovation through IT requires an extreme agility from organizations. Making decisions locally improves agility and reduces time needed to address the issue.

  • Creative people require considerable room for maneuver. Resistance to new technologies due to the lack of understanding or fear to put at risk the existing position often comes from the center and jeopardizes new opportunities.

2.2 IT Governance in Public Organizations

For implementing IT Governance, an organization has to identify the scope of IT and the main areas/issues where decisions have to be made. The organization has to define its decision-making structures (i.e., organizational units, specific roles, committees) responsible for making these IT decisions; it has to design and implement processes for IT decision-making and IT monitoring to ensure the desired behaviors using IT; eventually, it has to specify the mechanisms supporting the active participation of, and collaborative relationship among entities appointed to defined governance structures [1, 2].

Over the years, a number of IT Governance frameworks have emerged, such as ISO 38500 [6] and COBIT [7]. In our study, we are not aiming to design a new framework but rather to consider reusable IT Governance solutions for different organizational styles ranging from centralized to decentralized types.

Centralized IT Governance fits when Business or IT monarchies are applied in most of decision areas [2]. This governance style is relevant when the high degree of standardization is required and cost-efficiency is one of the primary value sources. Federated IT Governance follows duopolies and federal governance structures. This style can be beneficial for organizations seeking for cost-efficient use of the assets, and at the same time, IT-enabled innovation. Decentralized IT Governance fits to the organizations focusing on innovation and time to market, and with the tendency to delegate decision making from the center to local units or project teams.

A modern public organization can be seen as a part of a dynamic ecosystem, where it maintains the relationships of different nature with other organizations and individuals (Fig. 1). To successfully achieve business goals in this complex environment, the organization needs to master different governance styles and use them according to a given context.

Fig. 1.
figure 1

Organizational ecosystem. C (centralized), D (decentralized) and F (federated) characterize the relationships between the organization and other parts of its environment.

Full size image

2.3 Capability-Driven Approach

From the business perspective, a capability describes what the business does that creates value for customers [8]. It represents a design from a result-based perspective including various dimensions including organization’s values, goals, processes, people, and resources. The notion is obtaining a growing presence in the business and IT alignment frameworks [9] starting from more business-oriented such as Business Architecture and Business Modeling, towards the alignment-oriented represented by Enterprise Architecture (EA), and Enterprise Modeling (EM). In brief, the emergence of the use of the capability notion seems having the following motivations:

  • In the context of business planning, capability is becoming recognized as a fundamental component to describe what a core business does and, in particular, as an ability for delivering value, beneath the business strategy [8];

  • Capability supports configurability of operations on a higher level than services and process, and according to changes in operational business context [10].

Following the above, we consider IT Governance capabilities as the abilities and capacities of an organization to ensure maximum value from its IT in a given context.

3 ITG Capability for Public Organizations

Public value describes how an organization contributes to society. Value for the public is a result of evaluations about how basic needs of individuals, groups and a society as a whole are addressed in relationships involving service provisioning [11]. Whereas private value is associated with satisfying individual desires, public value is mostly focused on achieving social outcomes. We generalize the findings of [12] on how IT investments generate public value and propose to distinguish between:

  1. 1.

    Value from delivering specific benefits directly to citizens

  2. 2.

    Value from improving an organization itself as a public asset

Each of these value types can be associated with one or multiple value sources: cost saving, increase in quality of service, enabling new services, and intrinsic enhancements (i.e., changing environment providing political, social, cultural impact, improving general quality of life of an individual or a group).

Public organizations are not free to choose their market - they are authorized to provide their services by their environment that involves government, employees, suppliers, local communities, citizens, policy makers, controlling organizations, etc. The authorizing environment provides the organizations with legitimacy and support and may vary depending on the scope of the IT project and its aimed value. For example, public organizations can be mandated by their authorizing environment to deliver a specific service, ensuring compliance with regulations, recommendations and standards.

Public organizations need to develop and manage their core capabilities in order to deliver results. Compared to private organizations, much of capacity required to produce public value lay outside the public organization and thus not under its direct control. To succeed in their missions, public organizations need not only to develop internal capabilities controlled by the organization itself, but also to explore co-production opportunities with external partners (e.g., other public and private organizations, volunteers, associations etc.) by means of external capabilities.

In our view, the three elements above together define an IT Governance context answering (a) what public value(s) the organization is seeking to produce by support of IT; (b) what sources of legitimacy and support will authorize, provide, or consume resources to create that value; and (c) which core capabilities are in place to deliver the main service of the organization.

For a given context, being determined by its three constituting elements, an ITG capability is used to specify what a public organization should be able to do to ensure support for that context by means of processes and resources, which in turn support organization’s goals measured by KPIs (Key Performance Indicators). These indicators are also highly important for public organizations as their stakeholders (state, municipalities, citizens and other) want to ensure that an implementation of IT delivers values, which can effectively be measured by corresponding KPI [13]. We have formalized the above outlined concepts and relationships in a model (Fig. 2, below).

Fig. 2.
figure 2

A model for IT Governance using capability based on organization’s values and context

Full size image

  • Legitimacy (and Support): to whom the organization is authorized to provide its services and by whom it gets support.

  • Core Capabilities: they are describing what the organization is essentially doing.

  • Public Values: they describe how the organization aims to contribute to the society.

  • Context: it represents the information that can be used to characterize the situational environment of a public organization. The context of an IT Governance capability is defined by analyzing the public value the organization aims to create, its sources of legitimacy and support and core capabilities, which eventually lead to the goals to be achieved and the processes and resources to support the goals.

  • Goal: it is a desired state of affairs, which needs to be attained to realize established value. Goals can be refined into sub-goals forming a goal model refining desired behaviors in using IT, such as cost-effective use of IT, or effective use of IT for growth; and effective use of IT for business flexibility.

  • Key Performance Indicator (KPI): it is a measurable property that can be seen as a target for achievement of a Goal.

  • Actor: it is a person or even a part of the organization holding the responsibility for the achievement of a goal; for IT Governance, these actors may be organization’s executives, IT decision makers, etc.

  • Process: it is a series of actions that are performed in order to support one or more of the established goals. In the IT Governance domain the processes concern decision making about IT, coordination of IT processes, IT monitoring, performance management and other.

  • Resource: When initiated, a process is perceived to engage or consume resources - people, materials, software. IT Governance processes rely for example on the actors involved in IT decision-making enactment and monitoring, as well as on the needed entities – technology and infrastructure supporting processes’ execution, as well as coordination and communication between involved actors.

  • IT Governance Capability: it is ability and capacity of to ensure maximum value from its IT in a given Context.

We explained in Sect. 2.1 that organizations may follow different organizational styles, where centralized, federated and decentralized are the essential; in addition, new styles are emerging. In [14] we have proposed different IT Governance solutions using the capability notion to fit each of the organizational styles to obtain the patterns that could be applied in concrete cases for forming adequate IT Governance structure. This study differs in the way that we here elaborate a case from the public sector (student mobility, see Sect. 4) for which the IT Governance capability pattern for the federated organization style applies (Table 1):

Table 1. Capability pattern: federated IT Governance, public sector
Full size table

4 Example Case - Enabling Student Mobility with IT

Universities (including the ones the authors of this paper work for) show an increasing need to adjust governance of their IT according to the organizational structure and decision-making in place. In this example, we focus on the Federated IT Governance style and its corresponding capabilities.

The Erasmus Programme (European Region Action Scheme for the Mobility of University Students) is a European Union (EU) student exchange programme established in 1987 (see also Wikipedia/Erasmus Programme). Erasmus students can spend between one and three academic years in another European country studying or making an internship in another (host) university. Universities in Sweden and France are actively involved in Erasmus mobility. The aimed public value is to improve service quality and to enable new opportunities for universities, students and communities. Co-creation of value with partners from other organizations (universities) is required in this context.

One of the basic rights each exchange student has is the full recognition of courses passed successfully abroad by the home university. Before leaving the home university, a participating student signs the Learning Agreement - a document that describes the programme of studies followed in the host university. At the end of the stay, the host university prepares for the student a document called Transcript of Records, which confirms the completed studies’ programme and the results. These documents are the legally binding for all parties involved (i.e. the home and host university). Should a student face problems in recognition, the student can seek a help of student organizations to make the courses validated [15].

In practice, Erasmus requires a tight coordination between university international department, university administration, faculty administration and European authorities. The following issues illustrate the need of flexible yet explicit IT Governance mechanisms for supporting Erasmus program at the universities:

Course planning

Learning agreement typically allows a student to choose courses from different master programs, different levels of study (e.g., master of the first or second year) sometimes even offered by different university departments. Planning the courses while allowing maximum flexibility for exchange students require a tight collaboration and coordination between different administration levels and departments at the involved universities.

Grading and grade mapping

Different approaches to education, cultural specifics, language and local grading systems are hard to merge and to map to single objective evaluation greed. Even though the Bologna system offers one, it needs to be adjusted locally, according to the university and country specifics.

To ensure comparable, compatible and coherent systems of Higher Education, the partners (co-producers) need to comply with Bologna Process [16]. This compliance requires significant changes in the organizational IT. Therefore, the sources of legitimacy and support in this context include university authorities and policy makers on the country and European level (for Bologna Process). This context reveals that the federated IT Governance is the most relevant (Table 1, the previous section). When implementing the federated IT Governance capability pattern presented in Table 2, organizational IT plays the role of a mediator, coordinating and controlling the inter-organizational processes between partners. It also links the (partner) universities with the students. Data integration between universities and standards for data exchange are of a main interest. The actors include university international office, head of faculties, program managers, faculty members, IT department. The processes and the resources supporting the main service are standardized, and controlled by the European representatives and university authorities in order to ensure the compliance.

Table 2. Instantiating Federated IT Governance pattern for supporting student mobility
Full size table

5 Discussion, Conclusions and Future Work

Values created by public organizations and their IT in particular, expand the boundaries of these organizations. Therefore, today’s public organizations need to be seen as a part of dynamic ecosystems, where they maintain the relationships of different nature with individuals and other organizations. To fulfill their goals, public organizations need to adapt to their context, exhibiting consequently various behavior in using IT.

Next, the organization needs to examine its context: what public value it desires to provide, what its authorizing environment is (i.e., who will authorize and support the value provisioning, who will benefit from it), and, eventually, what kind of core organizational capabilities will be required. These elements are interrelated and provide an understanding of a context where the IT Governance will be enacted. We suggested that the model of IT Governance could become “more centralized” or “more decentralized” according to this context. We therefore considered IT Governance as an organizational capability and proposed to use IT Governance capability patterns for different organizational styles. An IT Governance capability pattern can be seen as a guideline on how to define IT governance to support desired public values driving different context situations. We illustrated how the IT Governance patterns can be instantiated on the case of the student mobility in the Higher Education public sector of EU. Our motivating assumption has been that public organizations need to master a wide range of ITG mechanisms and to deploy them depending on their value-creation context.

The model proposed in Fig. 2 provides an organizing logic that can help organizations to position, justify and govern their IT projects in a consistent way, based on the public value concept. However, argue that the IT Governance styles are not mutually exclusive and that several styles can be used in the same value-creation context. We plan to elaborate the guidelines and recommendations further in the future, by conducting multiple empirical studies and collaborating with practitioners. IT Governance capability patterns are intended to facilitate the application of IT Governance mechanisms for different governance styles. They provide a general idea; the concrete “recipe” has to be elaborated for each particular organization.