Assessment of IT Governance process maturity in Eastern Cape Governance Departments

Abstract

The South African Government has invested in Information Technology Governance (ITG) for all its Government Departments. Furthermore, the Government Departments have implemented the Information Systems Audit and Control Association (ISACA) Control Objectives for Information and Related Technology (COBIT) for ITG processes. Despite all these available frameworks, Departments still fail to capitalise and improve the ITG processes fully, mainly because these frameworks are too generic and difficult to apply for specific governance needs. Furthermore, there is no guiding framework for ITG maturity processes specific to the Government Departments. This study operationalises two objectives, firstly, to assess the ITG processes maturity levels for the Eastern Cape (EC) Government Departments and secondly to develop a customised framework for the Eastern Cape Government Departments (ECGDs) that should assist them to move from current levels to higher ones in the future. The Government-Wide Enterprise Architecture (GWEA) Framework South Africa was also incorporated (Makovhololo, 2018). Currently, all Government Departments in South Africa are guided on ICT Governance by the DPSA and GWEA frameworks. This research provides an overview of the ICT governance frameworks adopted by South African Government Departments and proposes a different framework designed to strengthen the dynamism of best practices. This research adopted a mixed research approach within a case study, utilising both qualitative and quantitative methods. Nine Government Departments in the Eastern Cape Province (ECP) were considered for the research. Data were collected through interviews, questionnaires, COBIT assessment experiments, and desktop surveys. COBIT assessment tool, IT Organization Modelling and Assessment Tool (ITOMAT), Statistical Package for the Social Sciences (SPSS), and Actor-Network Theory (ANT) were used to collect and analyse data. Findings show that none of the Eastern Cape Departments involved in the study has done the maturity level assessment. Neither do they know how to conduct it. Also, none of the Departments is aware of moving from one maturity level to the next. All the Departments have not fully utilised the COBIT Assessment tool to determine the maturity levels. Furthermore, findings show that the Eastern Cape Departments have ICT-related policies and strategies; however, there are implementation challenges that affect ITG plans. There is a clear indication that the current guiding national governance framework is outdated and does not accommodate the new changes in other governance frameworks. The study provides the maturity levels for the engaged Departments and develops a guiding ITG maturity assessment framework. The primary outcome of the research should assist Eastern Cape Government Departments in assessing their ITG process maturity levels and moving from a lower maturity level to a higher.