The study aimed to evaluate the capabilities of information technology used and infrastructure and their compatibility with the application of governance according to the Cobit5 framework and its impact on operational performance. An electronic questionnaire was distributed to the study population represented by a sample of industrial companies listed on the Iraq Stock Exchange. The number of responses were 196 all of which are valid for study. The study found a statistically significant relationship and impact of Dalin statistically to use IT governance according to the Cobit5 framework on enhancing operational performance in industrial companies listed on the Iraq Stock Exchange.The study recommends planning information technology periodically, using specialized committees to study the infrastructure and planning of the software used, training workers on the use of software, developing relationships with suppliers and customers alike. It also pays attention to software security and implementing the necessary legislation and laws.
The current era is considered the era of modern technology, which is currently considered products of no less importance than any human or material capital and intervenes in the construction and establishment of large companies. It also contributes in economies of great importance, in the conduct of production processes and enters into accounting science completely. Also, the technological revolution must have had a significant impact on the performance of various companies, especially in supporting the economy and financial activities.
Today, information technology has become an important, essential, necessary and comprehensive place in the life of all institutions in order to ensure their success, as technology provides opportunities and advantages that support the continuation of the competitive advantage of companies. It provides full support for better performance but it is no longer as in the past an enabler for success. Yet, technological transformation has become an important necessity in order to seize the available economic opportunities by increasing capabilities and competencies related to operational processes by relying on information technology.
Hence the need to use information technology governance, where the risk associated with the use of information technology must be fully defined by management in institutions and companies. It extends from security threats to information on the organization's servers to the risks related to the use of a malicious computer program and even it can extend to matters related to increasing time, cost and results due to not meeting the desires and requests of customers. This will only be achieved with the awareness of the competent authorities and departments of all these matters. This is in addition to the use of international standards and standards appropriate to the nature of the business, such as the Cobit5 framework.
The Problem of the Study
Companies today face a problem in the complete and comprehensive orientation towards the use of information technology according to an appropriate global methodological framework. They also encounter issues in achieving high-quality operational performance and trying to link current technology to the work of employees within companies and increase their productivity and on what has been mentioned we can formulate the following question that expresses the problem of the study.
What is the impact of using IT governance under the Cobit5 framework on the operational performance of Iraqi companies?
A number of questions arise from this question:
What is IT and what does IT governance mean?
What level of IT is used in companies?
What is the Cobit5 framework and what are its use areas?
What is the level of operational performance in companies?
What is the level of financial reporting in companies?
What is the impact of using IT governance under the Cobit5 framework on operational performance?
Objectives of the Study
The study aims to:
Assess the IT capabilities used and the infrastructure and their compatibility with the application of governance in accordance with the Cobit5 framework
Analyze the gap between current technology and technology in general according to the Cobit5 framework
Investigate the impact of the information technology that the application of the Cobit5 framework has on achieving good operational performance in the companies under study
Importance of the Study
The importance of this study from both theoretical and practical points of view lies in the following:
Knowing the dimensions of IT governance according to the Cobit5 framework, its mechanisms followed, its uses and its relationship to the operational performance in the company
Enabling the identification of weaknesses in the use of IT governance according to the COBIT5 framework
Drawing attention to the importance of using and developing IT governance mechanisms
Directing future research to the importance of studies based on IT governance, mechanisms, the Cobit5 framework related to it and operational performance and opening the door for them to study other factors affecting operational performance
Enriching company libraries with scientific research that improves their technology and familiarizing them with the Cobit5 framework
The Study Hypotheses
Based on the problem of the study and the dimensions of both the dependent and independent variables, we can formulate the first basic hypothesis.
There is no statistically significant impact of the use of IT governance under the Cobit5 framework on the operational performance of Iraqi companies.
Several hypotheses branch out of it:
Sub-Hypothesis 1: (HO1-1): There is no statistically significant effect of using planning and organization processes in enhancing operational performance
Sub-Hypothesis 2: (HO1-2): There is no statistically significant effect of using acquisitions and executions in enhancing operational performance
Sub-Hypothesis 3: (HO1-3): There is no statistically significant effect of using plug-ins and supports in enhancing operational performance
Fourth Sub-Hypothesis: (HO1-4): There is no statistically significant effect of using follow-up and evaluation processes on enhancing operational performance
Study Model
A model has been prepared for the current research that shows the impact of using information technology governance according to the Cobit5 framework on the operational performance of Iraqi companies. The research questions and hypotheses, independent variables and dependent variables have been identified as follows:
Independent variables:
IT governance under the COBIT5 framework:
Planning and organization
Possession and execution
Delivery and support
Monitoring and evaluation
Dependent variables:
Operational performance
Based on what has been benefited from by reviewing previous studies, the descriptive analytical approach will be used in data analysis and hypothesis testing, to show the use of information technology governance according to the Cobit5 framework on the operational performance of Iraqi companies. Besides a questionnaire will be used to collect data from companies, in order to interpret them and reach conclusions that contribute to clarifying this impact, as the descriptive analytical approach compares and interprets the results in order to reach meaningful generalizations.
Previous Studies
Arabic Studies: Mohammed et al. [1] aimed to show the impact of information technology governance in its four dimensions (planning and organization, ownership and implementation, delivery and support, follow-up and evaluation) in improving the financial performance of private commercial banks operating in the Syrian coast.
The researcher adopted the descriptive analytical approach in his study and the questionnaire was adopted as a tool for data collection. In addition, the research community consisted of a cadre of workers in the departments of branches of Syrian commercial banks. Then, the SPSS program was a tool to analyze the available data.
The management of commercial banks is keen to develop and maintain procedures, the management of commercial banks is keen to obtain and maintain the infrastructure of information technology, commercial banks are keen to qualify and train employees and manage their performance. The management of commercial banks is serious to have enough staff for the information technology department.
The study recommended the management of commercial banks to continue to develop and maintain procedures, the need for commercial banks to continue to obtain and maintain the information technology infrastructure, the need for commercial banks to work on qualifying, training and managing employees and the need for the management of commercial banks to have a sufficient cadre for the information technology department.
Al-Sawah [2] shows the impact and return of the application of information technology governance and its role in increasing the efficiency and effectiveness of information technology performance in commercial banks. It uses of the Balanced Performance Scale for Information Technology (TBSC) to measure and evaluate the performance of information technology and its consistency with the institutional objectives of banks and to identify deviations and work to correct them to achieve the leading role of those banks. In this study, the researcher relied on inductive and deductive approaches.
In this study, there are no statistically significant differences between the average opinions of the study samples of the three banks on the areas of concentration of information technology governance in commercial banks. Also, there is a substantial impact of the areas of concentration of information technology governance on the balanced performance scale. In contrast, there are no statistically significant differences between the average opinions of the study samples of the three banks on the need to have a set of characteristics for the balanced performance scale in light of the application of information technology governance mechanisms in commercial banks, the existence of a substantial correlation between IT governance focus areas and balanced performance measure.
According to this work, the organization's strategy should be linked to the information technology strategy and linked to measurement and performance evaluation systems. Measurement systems should be used that are flexible enough and work to achieve harmony and compatibility between the organization's strategy and the information technology strategy and the means used in its implementation. Non-financial performance measures should be used next to financial measures because this leads to improving internal and external reporting systems, which leads to an increase in the degree of disclosure and transparency and then improving the accounting accountability system from before the stakeholders in the facilities.
Mohammmed and AL-Basri [3] demonstrate the use of the COBIT5 framework impact level, which represents the objectives of information control and related technology.
The study was applied to a population of 37 banks and the study sample reached 25 banks and a (checklist) was used to collect research data and was analyzed statistically using SPSS program.
The results of the study confirmed the existence of a correlation and a statistically and morally significant impact of the (COBIT5) framework as a tool for internal control in Iraqi private shareholding banks, as well as the application of the (COBIT5) framework as an internal control tool that helped to govern and manage banks as well as maximize value and benefit through the use of information technology.
The research recommends management of banks to pay attention to the proper application of the COBIT5 framework and to identify the areas of the COBIT5 framework, which need to be improved in line with the strategic objectives of the bank.
Foreign Studies
Alsaleem and Husin [4] aimed to ascertain how the COBIT5 framework affects audit risk.
The study used a quantitative approach, distributing questionnaires to 450 workers from 150 Jordanian companies. The researchers used descriptive analysis, Pearson's correlation and multiple linear regression to analyze the data.
The study found that each independent variable, including COBIT5 had a positive and significant impact on reducing audit risks. Also, monitoring and evaluation was one of the most influential dimensions of the integrated technology group in reducing audit risks, perhaps due to the nature of the delivery of information technology within the systems of companies and the implementation of applications and services to be delivered.
Talab and Flayyih [5] determined the impact of Information Technology Governance (ITG) under the control objectives of information and related technologies (COBIT) on financial performance, in addition to that the study aimed to consider the relationships between the factors under study.
The study adopted the value-added thought coefficient approach and the specific corporate governance index and the company's performance was evaluated using the Operating Efficiency and Economic Value Added (EVA) ratio.
The study is a high level of application of ITG in banks listed on the Iraqi Stock Exchange and it was found that there is an effectiveness of the Integrated Technology Group (ITG) under the framework of COBIT in banking financial performance.
Talab and Flayyih [5] explored the role of implementing IT governance using the COBIT5 framework in improving the security of accounting information systems and also aims to assess the level of IT governance in the Commercial Bank of Iraq TBI through COBIT5 operations, including 4 dimensions (planning and organization, acquisition and implementation, support and delivery and monitoring).
The study adopted the qualitative approach through a case study conducted at the Commercial Bank of Iraq. The application of COBIT5 information technology governance mechanisms reduces the risks of data processing and improves the security of automated accounting information systems, the Commercial Bank of Iraq can implement the COBIT5 framework and the accounting system used in the bank contains all the features of information technology governance that ensure the confidentiality of customer information on the one hand and on the other hand prevent the system from being hacked.
Theoretical Framework
Introduction: There have been rapid changes in the way operations and business are conducted, due to the advancement of information technology within banking institutions. Here, information technology is no longer limited to performing a supporting function within banks. Yet, it has turned into a key enabler of business strategies, including recognizing and meeting customer needs and banking institutions face difficulties in keeping up with the needs and preferences of consumers who have become more familiar with the fields of informatics and related technology, due to the tremendous speed in the possibility of using the Internet and benefiting from its services, especially financial. This is done by providing the best technical services in a manner compatible with international standards and rules, regulatory controls and frameworks in order to maintain a better quality of information by following up on the most important technological developments while improving the capabilities and expertise of human resources and in a way that achieves effectiveness and efficiency for banks. So the COBIT5 framework is provided which is the most appropriate and best international practices in the field of monitoring and management of information technologies and the fifth edition of this framework represents a breakthrough that has received attention and satisfaction from users worldwide [3].
In this research, the concept of IT governance will be clarified, then the COBIT5 framework will be identified and its importance in general and especially on the operational performance within Iraqi companies.
Information Technology Governance
The Concept of Information Technology Governance (ITG): Information Governance (ITG) is a component of a company's strategic management, responsible for setting long-term strategic goals and translating them into short-term tactical goals [6].
IT Governance Focus Areas
IT governance focuses on the following areas [6].
Alignment, Planning and Organization (APO)
This dimension focuses on the use of information and technology and choosing the best way to harness them to achieve the company's goals, where technology and the company's activities are coordinated through planning procedures, whether short or medium-term and that the company provides during the planning and organization process a technological infrastructure, organizational structure and technical staff and communicates with them regarding the requirements for technical management [7]. In order to maintain the IT Governance Framework (ITG), it is necessary to define the management of the IT framework that interprets the characteristics of IT from the governance framework to actual procedures and practices in the company [8].
Also within the APO, a general description of the needs of stakeholders and a statement of the purpose of managing the company structure are provided, as well as the identification of capacity needs and requirements. It enables the creation of models describing the target infrastructure and the creation of a common structure consisting of business processes, information, applications, IT levels, project efficiency achievement and IT strategies [9].
APO also includes human resource management with the aim of providing a structured approach to ensure a better structure, defining responsibilities and roles and developing training and development plans by competent and qualified people [10].
Build, Acquire and Implement (BAI)
This dimension focuses on identifying the basic requirements of information technology, acquiring and implementing information technology within the company's current operations. At BAI IT requirements are identified and possessed to successfully carry out business within the company and include providing new operational solutions including implementation planning, systems and data transformation, solution testing, early product support and post-implementation review and adopting a structured approach to project and portfolio handling investment in order to achieve the objectives of the institution and to carry out regular procedures to organize and document the company's requirements and to conclude an agreement between customers and the project team on the changing system requirements [11]. The management of solutions matches the requirements set by the company in matters of information technology, where it is necessary to identify and implement IT solutions that allow compliance with those requirements [8], as well as knowledge management that is closely related to individuals with the aim of increasing knowledge in the minds of employees [12].
Delivery Service and Support (DSS)
This is done by focusing on adding importance to the IT system, in addition to providing support for data, processing it properly to continue the business activities of the company, maintaining the continuity of the flow of information and making it constantly available to internal and external users [11]. It includes process management, which refers to how companies produce or deliver goods and services that provide their continuity and operations can be considered one of many functions (marketing, finance and personal) within the company.
The function of operations can be described as a part of an organization dedicated to the production or delivery of goods and services. This means that all organizations carry out operational activities, because each organization produces goods or services. It also includes asset management, which clearly focuses on helping companies achieve their specific goals and determine the optimal mix of activities based on these goals [9].
DSS also includes problem management with the aim of minimizing, documenting and preventing the recurrence of negative impact of errors in the IT infrastructure, identifies potential impacts that threaten the company, provides a framework for building resilience and an effective feedback capability that protects the interests of key stakeholders, reputation, brand and value creation activities [13]. It focuses on security management with the aim of maintaining an information security plan that describes how information security risks are managed and aligned with company strategy [10].
Monitoring, Evaluation and Evaluation (MEA)
This work is done to have a plan to implement the monitoring and evaluation process, in which it explains what needs to be followed, what activities are necessary for the direction of follow-up and evaluation procedure, who is responsible for it and the date and place of his position.
MEA aims to monitor and control performance by ensuring that the implementation of the project steps is followed up to ensure its implementation according to the drawn plan and to follow up on any defects that may lead to the suspension or delay of the project and work to avoid it.
The project is then evaluated and has achieved results as planned [10]. It ensures that the control process ensures that internal controls continue to operate effectively and whether management reviews the design of controls when risk changes and whether controls designed to reduce risk are at an appropriate level and continue to operate effectively [13]. In addition, it reviews and ensures compliance with regulations, laws and contractual terms, including identifying compliance requirements, improving and evaluating the response, obtaining assurances that the terms have been complied with and then integrating IT compliance reports with the rest of the business.
All dimensions of Information Technology Governance (ITG) focuses on the collection and analysis of agenda-related information conducted during the implementation of the agenda, as well as the need to perform periodic guidance, for an organization, an agenda that can be conducted internally or by external independent evaluators [11].
COBIT5 Framework Concept
The COBIT5 Information Technology Governance (ITG) framework is one of the most important developments in the field of technology governance, as it helps to understand the current state of information technology of the organization, identify gaps and finally plan for improvements [14]. COBIT5 as a framework enables executives to bridge the gap between control desires, technical issues and business risks [15] and IT governance (ITG) governance support can be obtained. Through a mutual control structure [16].
The current (fifth) version of COBIT5 is built on five core principles and seven enablers, in addition, the Process Monitoring Model (PBRM) divides COBIT5 IT operations into five areas (guidance, evaluation and monitoring) (acquisition, implementation and construction) (support, delivery and service) (evaluation, monitoring and measurement). They are divided into thirty-seven high-level control objectives for these operations and more than three hundred detailed control objectives, with their appropriateness and standardization for more detailed standards, frameworks and concepts for information technology [17].
Butler [18] defined COBIT5 as a toolkit that helps business managers to recognize and understand the threats and risks surrounding the application of new technologies and technologies and to demonstrate them to shareholders, regulators and stakeholders, based on international practices that are considered the best in the world in the field of monitoring and managing information technologies.
Evolution of the COBIT5 Framework
The COBIT5 (Control Objectives for Information and Related Technology) framework was established by the Information Systems Audit and Control Association (ISACA) in 1992.
Developed by the Institute for IT Governance, COBIT5 provides a complete framework that helps the bank achieve its own goals in the field of IT management and governance. It simply helps the bank to get the maximum value from IT by generating and optimizing benefits, mitigating risks and threats, making the best use of resources and COBIT5 Banks in the management of information technology and their governance in a comprehensive manner at all levels. Figure 2 shows the stages in which the COBIT5 framework has evolved.
Importance of the COBIT5 Framework
The use of the COBIT5 framework is critical:
It is an internationally accepted framework for internal control and governance of information technologies and technology
Consistent with the requirements of the Sarbanes Oxley Act in terms of the need to form committees and groups for internal audit in all contributing institutions, with the imposition of a report by the management of the institutions confirming the full responsibility of the Board of Directors for the existence of a documented system of internal control and its effective implementation
It effectively links the objectives of the enterprise with information technology operations and pay attention to the elements of internal control
It is an open framework for work that allows the organization to take care of the affairs of monitoring information technology and technologies and addresses and deals with different categories of users and not only auditors and management
Mahmoud [19] added some of the other advantages:
Tight control over information technology and technologies
Give auditors sufficient indicators to obtain good governance
Assist users, auditors and managers in understanding the organization's IT systems
Contributes to the development of the governance model, raising the level of security and control necessary to ensure the protection of the organization's assets effectively and efficiently
Operational Performance
Concept of Operational Performance: Operational performance is considered an essential part of the overall performance of the organization, since it is a pivotal factor that represents the organization's competitive priorities such as flexibility, quality, speed of performance and low cost, I agree. However, he considered that operational performance is a set of competitive priorities such as flexibility, speed of delivery, quality and low cost. These allow service institutions to measure and evaluate their operational performance and through operational performance about the desired goals that the institution aspires to apply, which is the ability of the institution to implement its objectives [20].
It is the set of activities used within the operational performance that relate to the effectiveness and efficiency of the internal operations of the organization. Yet, Brimley and Miller agree with Warith as they saw that the operational performance reflects the nature of the organization's use of its material and human resources and the way it is invested allows it to achieve its goals, where it is possible to reform the operational performance of service institutions and evaluate it by competitive priorities of flexibility, speed of delivery and reduced cost [21].
Dimensions of Operational Performance
Cost: The aim is to reduce the cost of providing health services in order to provide them to a larger number of customers and mentioned a set of requirements to promote cost reduction, the most important of which are fixed costs, strict control over the use of resources, the method of using facilities and equipment, reducing maintenance equipment, wages and the cost of maintaining inventory and reducing the number of outlets allocated for distribution.
Slack considered the cost as the main dimension or goal that the organization seeks to make improving services in a direct way is its main priority, as it makes the lowest cost the goal of the main operations until services are produced with the best effectiveness and lowest cost. In addition, the institution reduces its costs by recognizing the areas that consumed the cost such as work teams, facilities, technology and money spent on the maintenance, replacement and installation of equipment and machinery, in addition to the cost of materials and money spent on materials consumed and places where they were disbursed [22].
Quality
The quality of the products or services provided must be completely free of errors and defects, in particular defects related to human health and life and researchers and specialists estimate that the maximum error level should not exceed 5 per million. The scientific practices of several institutions confirmed that more than 50% of quality-related problems are caused by the quality of materials used and purchased.
Flexibility
Flexibility is defined by Mandelbaum as the ability to respond effectively to changing situations and by Upton as the ability to interact and change in exchange for gaining and losing little, whether in effort, time, performance or cost (Al-Jawazna and Khazaaleh).
Achieving flexibility requires several factors, such as the time period between the customer's request and the delivery of the completed service. Also, the lower this period, the more flexible the organization is considered to meet the demands of its customers (Al-Nasser).
Delivery Time
This dimension embodies the organization's ability to adhere to service completion dates on a regular basis which refers to the time taken between receiving and terminating the customer's or beneficiary's request [23].
The Impact of IT Governance Mechanisms under the COBIT5 Framework on Operational Performance in Organizations
The COBIT5 framework provides a complete and comprehensive framework that helps organizations achieve their goals in the field of management and governance of information technologies and technology. It contributes in particular to raising the level of operational performance within these organizations, as it works on [3]:
Maintain high-quality information that supports business decisions
Generate and create value for the organization through the best use of information technology
Effectively contributes to giving the organization operational excellence through the effective and reliable application of information technology
Apply strategic goals and gain business benefits through early and effective use of IT
Keep the risks associated with information technologies within a reasonable level
Improving the cost of IT services
Promote compliance with relevant controls, agreements and regulations
Dealing with the increase in the amount of information in terms of the way institutions choose the correct and reliable information associated with their work, which in turn will contribute to making effective and efficient decisions and the way this information is managed [24]
Promote and support innovation and emerging technologies, by giving guidance and instructions, developing new products in ways that are more attractive to existing customers and trying to reach other customers and deliver them to the market with the required quality and speed
Third: Practical Framework
The researcher used questionnaire method to collect the data, which was prepared and tested so that it is compatible with the objectives of the study to show the impact of using information technology governance according to the Cobit5 framework on the operational performance of Iraqi companies and to test the hypothesis of the study.
The questionnaire was presented to a group of specialized academics to find out the appropriateness of the questions and the researcher formulated them in their final form and distributed them to the study sample and the statistical methods were used to achieve the objectives of the study and in this part the applied aspect of this study was also addressed as follows.
Descriptive Statistics for Study
The next table shows that the percentage of males reached (76%), which constitutes a higher percentage than the percentage of females in the studied sample. The percentage of university degrees reached (50.5%), which is the highest percentage in the studied sample and the percentage of employees reached (75.5%), which is the highest. Also, the practical experience was the highest percentage for those with experience of more than 9 years, reaching (68.4%), while the average age (30-40) years (49%) which is the highest in the studied sample (Table 1, 2).
Test the Validity and Reliability of the Questionnaire
The Table 3 shows the value of the Cronbach alpha coefficient at the total level of the study variables of 20 variables (resolution stability).
From the Table 3, we find that the value of the Cronbach alpha coefficient is equal to 0.963, equivalent to 96.3% at the total level of the questionnaire questions. This gives a very positive and strong indication of reliability and we also find a positive correlation between the study variables and its strength 0.844 at the level of significance zero, so the results can be adopted and meaningful generalizations reached.
Descriptive Statistics of Study Variables
Planning and Organization Theme: Table 4 shows the arithmetic mean and the standard deviation of the individuals' responses to the planning and organization axis.
The answers of the planning and organization axis that the general arithmetic mean is 3.8878 and the standard deviation is 0.78823 and this indicates that companies have a great tendency towards using planning and organization processes in their IT governance. However, at the level of statements, the first phrase occupied the first relative rank with an average of 3.96. The second phrase ranked second with an average of 3.91, while the third and fourth phrases occupied the third relative rank with an average of 3.84 and this in its entirety indicates a great trend towards the use of planning and organization processes.
Table 1: Demographic Characteristics of the Study
Variables | Number Frequency | Rate (%) | Arithmetic Mean | Standard deviation |
Sex | ||||
Male | 149 | 76 | 1.24 | 0.428 |
Female | 47 | 24 | ||
Total | 196 | 100 | ||
Qualification | ||||
Intermediate Institute Certificate and below | 14 | 7.1 | 2.35 | 0.611 |
University degrees | 99 | 50.5 | ||
Graduate | 83 | 42.3 | ||
Total | 196 | 100 | ||
Job Title | ||||
Obliged | 148 | 75.5 | 1.31 | 0.592 |
Head of Department | 35 | 17.9 | ||
manager | 13 | 6.6 | ||
Total | 196 | 100 | ||
Lifetime | ||||
less than 30 years old | 24 | 12.2 | 2.27 | 0.665 |
Between 30-40 years | 96 | 49 | ||
More than 40 years | 76 | 38.8 | ||
Total | 196 | 100 | ||
Table 2: Distribution of Respondents According to Years of Work Experience
Years of Experience | Number Frequency | Rate (%) | Arithmetic Mean | Standard Deviation |
Less than 3 years | 21 | 10.7 | 2.58 | 0.679 |
Between 3 - 9 years | 41 | 20.9 | ||
More than 9 years | 134 | 68.4 | ||
Total | 196 | 100 |
Table 3: Value of Cronbach Alpha Coefficient at the Total Level of Study Variables
Cronbach's Alpha | Honesty coefficient | Significance level | Number of items |
0.963 | 0.844 | 0.0 | 20 |
Prepared by the researcher (using SPSS software)
Table 4: Arithmetic Mean of Planning and Organization Axis Answers
| Dimension | Paragraphs | Arithmetic mean | Standard deviation | Sort by arithmetic mean |
Planning and organization feature | Long-term plans and a strategy for IT systems are carefully developed. | 3.96 | 0.888 | 1 |
The process of determining the structure of the required information is carried out as the type of data needed and the data necessary to serve the plans of the organization. | 3.91 | 1.001 | 2 | |
The IT infrastructure is planned by competent and expert authorities. | 3.84 | 0.957 | 3 | |
Annual budgets are set for IT planning. | 3.84 | 0.895 | 3 | |
Total | 3.8878 | 0.78823 | - |
Prepared by the researcher (using SPSS software)
Table 5: Arithmetic Mean of Acquisition and Implementation Axis Answers
| Dimension | Paragraphs | Arithmetic mean | Standard deviation | Sort by arithmetic mean |
Ownership and execution | Identify the software used for computers with systems to monitor and maintain their security. | 4.07 | 0.826 | 1 |
All system software elements such as installation, maintenance and usage training are provided. | 4 | 0.955 | 3 | |
Comprehensive operating manuals are prepared for all operational processes and trained if necessary. | 3.89 | 0.925 | 4 | |
There are administrative units to manage changes related to change, control and emerging problems. | 4.02 | 0.877 | 2 | |
Total | 3.9962 | 0.7457 | - |
Prepared by the researcher (using SPSS software)
Table 6: Arithmetic Mean of Plug and Support Hub Answers
| Dimension | Paragraphs | Arithmetic mean | Standard deviation | Sort by arithmetic mean |
Feature Delivery and Support | Defines common points of contact with customers and the nature and degree of security of relationships. | 3.84 | 0.963 | 1 |
Resource tables are established for uninterrupted operation. | 3.77 | 0.984 | 2 | |
A contingency plan is drawn up for crises and risks. | 3.69 | 0.991 | 3 | |
Systems are available to retrieve the necessary data in case it is needed. | 3.64 | 1.005 | 4 | |
Total | 3.736 | 0.83558 | - |
Prepared by the researcher (using SPSS software)
Ownership and Implementation
Table 5 shows the arithmetic mean and the standard deviation of the individuals' responses to the axis of ownership and implementation.
The ownership and implementation answers shows a general arithmetic mean is 3.9962 and the standard deviation is 0.7457. This indicates that companies have a great tendency towards using acquisition and implementation processes in their IT governance, while at the level of phrases, the first phrase occupied the first relative rank with an average of 4.07. The fourth phrase ranked second with an average of 4.02, while the second phrase occupied the third relative rank with an average of 4.02. The phrase occupied the third relative rank with an average of 4 and the phrase occupied third ranked fourth with an average of 3.89, which in its entirety indicates a significant trend towards the use of acquisitions and executions.
Hub Delivery and Support
Table 6 shows the arithmetic mean and standard deviation of the individuals' responses to the delivery and support axis.
The answers to the Delivery and Support axis that the general arithmetic mean is 3.736 and the standard deviation is 0.83558 so companies have a great tendency towards using delivery and support processes in their IT governance. In contrast, at the level of phrases, the first phrase ranked first with an average of 3.84, the second phrase ranked second with an average of 3.77, while the third phrase ranked third with an average of 3.69 and the fourth phrase occupied the fourth phrase with an average of 3.64, which in general indicates a significant trend towards the use of deliveries and supports.
Monitoring and evaluation axis
Table 7 shows the arithmetic mean and standard deviation of individuals' responses to the monitoring and evaluation axis.
It is clear from the answers of the monitoring and evaluation axis that the general arithmetic mean is 3.861 and the standard deviation is 0.78984. Therefore, companies have a great tendency towards using monitoring and evaluation processes in their IT governance. At the level of phrases, the fourth phrase occupied the first relative rank with an average of 3.93, the third phrase ranked second with an average of 3.88, while the first phrase occupied the third relative rank with an average of 3.83 and the phrase occupied the third relative rank with an average of 3.83 and the phrase. The second is the fourth relative ranking with an average of 3.81, which in its entirety indicates a significant trend towards the use of monitoring and evaluation processes.
Table 7: Average Arithmetic for Answers Monitoring and Evaluation Pillar
| Dimension | Paragraphs | Arithmetic mean | Standard deviation | Sort by arithmetic mean |
Monitoring and evaluation feature | Periodic data is collected for control operations and financial reporting. | 3.83 | 0.95 | 3 |
Control and evaluation mechanisms are defined to maintain the level of safety and security. | 3.81 | 1.038 | 4 | |
Regular periodic processes are carried out to measure the level of information technology used and the full suitability of the information. | 3.88 | 0.886 | 2 | |
The implementation of laws and legislations is confirmed and followed up permanently. | 3.93 | 0.886 | 1 | |
Total | 3.861 | 0.78984 | - |
Prepared by the researcher (using SPSS software)
Table 8: Arithmetic Mean of Operational Performance Axis Answers
| Dimension | Paragraphs | Arithmetic mean | Standard deviation | Sort by arithmetic mean |
Operational performance feature | Companies can increase productivity at the required level whenever needed. | 3.9 | 0.955 | 3 |
The company can reduce production and inventory costs excellently. | 3.91 | 0.935 | 2 | |
Quality tests are carried out according to international standards. | 3.88 | 0.962 | 4 | |
The company obtains its needs from suppliers in the required quantities whenever the need arises. | 3.94 | 0.924 | 1 | |
Total | 3.9082 | 0.84799 | - |
Prepared by the researcher (using SPSS)
Table 9: Degree of Correlation Between Planning, Organization and Operational Performance
Correlations | Operational performance | Planning and organizing | |
Operational performance | Pearson Correlation | 1 | 0.745** |
Sig. (2-tailed) | - | 0.000 | |
N | 196 | 196 | |
Planning and organizing | Pearson Correlation | 0.745** | 1 |
Sig. (2-tailed) | 0.000 | - | |
N | 196 | 196 | |
**Correlation is significant at the 0.01 level (2-tailed)
Operational Performance Pillar
Table 8 shows the arithmetic mean and standard deviation of individuals' responses to the operational performance axis.
The answers of the operational performance axis show a general arithmetic mean of 3.9082 and the standard deviation is 0.84799. Thus, companies are very interested in the operational performance of employees, while at the level of the statements, the fourth phrase occupied the first relative rank with an average of 3.94, the second phrase ranked second with an average of 3.91. The first phrase occupied the third relative rank with an average of 3.9 and the third phrase occupied the fourth relative rank with an average of 3.88 and this in its entirety indicates a high operational performance for workers.
Testing the Hypotheses of the Study and Analyzing the Results
In this section, all the hypotheses of the study will be tested and analyzed, which represent the initial answers to the doubts presented at the beginning of the study and a set of tests will be relied upon within the SPSS program.
There is no statistically significant impact of the use of IT governance under the Cobit5 framework on the operational performance of Iraqi companies.
The First Sub-Hypothesis
H0: There is no statistically significant effect of using planning and organization processes to enhance operational performance
H1: There is a statistically significant effect of using planning and organization processes on enhancing operational performance
Measure the Degree of Correlation Between Planning, Organization and Operational Performance
Pearson's correlation coefficient was used to measure the significant correlation between planning, organization and operational performance processes and the results were as follows in Table 9.
Table 9 shows a positive and statistically significant correlation at the level of 0.00 where the value of the correlation coefficient is 0. 745 is related to the relationship of the independent variable (planning and organization) with the dependent variable (operational performance) and this indicates a positive relationship.
Measuring the Impact of Planning and Organization on Operational Performance
The regression method was used to measure the significant impact of the independent variable (planning and organization) with the dependent variable (operational performance) and the results were as follows in Table 10.
Table 10 shows a Sig. of 0.00 and this indicates a significant regression model because of a strong and significant impact of planning and organization processes on operational performance, as it is found that the value of the coefficient Coefficients is 0. 802 and the value of t is 15.579.
Thus, there is a relationship and a statistically significant effect at the level of significance (α = 0.05) for the use of planning and organization processes on enhancing operational performance.
Table 10: Impact of Planning and Organization on Operational Performance through Regression Analysis
Coefficient value | Value of t | Sig. | Coefficient of determination R² | Effect of the independent variable |
0.802 | 15.579 | 0.0 | 0.556 | Effective |
Table 11: Degree of Correlation Between Acquisition, Implementation and Operational Performance
Correlations | Operational performance | Own and implement | |
Operational performance | Pearson Correlation | 1 | 0.752** |
Sig. (2-tailed) | - | 0.000 | |
N | 196 | 196 | |
Own and implement | Pearson Correlation | 0.752** | 1 |
Sig. (2-tailed) | 0.000 | - | |
N | 196 | 196 | |
Table 12: Impact of Acquisition and Implementation on Operational Performance through Regression Analysis
Coefficient value | T value | Sig. | Coefficient of determination R² | Effect of the independent variable |
0.855 | 15.896 | 0.0 | 0.563 | Effective |
Table 13: Degree of Correlation Between Delivery, Support and Operational Performance
Correlations | Operational performance | Delivery and support | |
Operational performance | Pearson Correlation | 1 | 0.733** |
Sig. (2-tailed) | - | 0.000 | |
N | 196 | 196 | |
Delivery and support | Pearson Correlation | 0.733** | 1 |
Sig. (2-tailed) | 0.000 | - | |
N | 196 | 196 | |
**Correlation is significant at the 0.01 level (2-tailed)
Second Sub-Hypothesis
Measure the Degree of Correlation Between Ownership, Implementation and Operational Performance
Pearson's correlation coefficient was used to measure the significant correlation between acquisitions, implementation and operational performance and the results were as follows in Table 11.
In Table 11, a positive and statistically significant correlation at the level of 0.00 where the value of the correlation coefficient is 0. 752 concerning the relationship of the independent variable (possession and implementation) with the dependent variable (operational performance) and this indicates a positive relationship.
Measuring the Impact of Ownership and Implementation on Operational Performance
The regression method was used to measure the significant impact of the independent variable (ownership and implementation) with the dependent variable (operational performance) and the results were as follows in Table 12.
In Table 12, the Sig. is 0.00 and this indicates a significant regression model, as there is a strong and significant impact of acquisitions and implementation on operational performance, as it is found that the value of the coefficient Coefficients is 0. 855 and the value of t is 15.896.
Therefore, there is a relationship and a statistically significant effect at the significance level (α = 0.05) for the use of acquisition and implementation processes in enhancing operational performance.
Third Sub-Hypothesis
H0: There is no statistically significant effect of using plugins and supports to enhance operational performance
H1: There is a statistically significant effect of using plug-ins and supports in enhancing operational performance
Measure the Degree of Correlation Between Delivery, Support and Operational Performance
Pearson's correlation coefficient was used to measure the significant correlation between delivery, support and operational performance and the results were as follows in Table 13.
It is clear from Table 13 that there is a positive and statistically significant correlation at the level of 0.00 where the value of the correlation coefficient was 0. 733 is related to the relationship of the independent variable (connection and support) with the dependent variable (operational performance) and this indicates a positive relationship.
Table 14: Impact of Delivery and Support on Operational Performance through Regression Analysis
Coefficient value | T value | Sig. | Coefficient of determination R² | Effect of the independent variable |
0.744 | 15.019 | 0.0 | 0.538 | Effective |
Table 15: The Degree of Correlation Between Monitoring and Evaluation and Operational Performance
Correlations | Operational performance | Follow-up and evaluation | |
Operational performance | Pearson Correlation | 1 | 0.827** |
Sig. (2-tailed) | - | 0.000 | |
N | 196 | 196 | |
Follow-up and evaluation | Pearson Correlation | 0.827** | 1 |
Sig. (2-tailed) | 0.000 | - | |
N | 196 | 196 | |
**Correlation is significant at the 0.01 level (2-tailed)
Table 16: Impact of Monitoring and Evaluation on Operational Performance Through Regression Analysis
Coefficient value | T value | Sig. | Coefficient of determination R² | Effect of the independent variable |
0.888 | 20.481 | 0.0 | 0.682 | Effective |
Table 17: Degree of Correlation Between IT Governance Under the Cobit5 Framework and Operational Performance
Correlations | Operational performance | Cobit5 | |
Operational performance | Pearson Correlation | 1 | 0.844** |
Sig. (2-tailed) | - | 0.000 | |
N | 196 | 196 | |
Cobit5 | Pearson Correlation | 0.844** | 1 |
Sig. (2-tailed) | 0.000 | - | |
N | 196 | 196 | |
**Correlation is significant at the 0.01 level (2-tailed)
Measuring the Impact of Delivery and Support on Operational Performance
Regression method was used to measure the significant impact of the independent variable (delivery and support) with the dependent variable (operational performance) and the results were as follows in Table 14.
Table 14 shows a Sig. of 0.00 and this indicates a significant regression model, as there is a strong and significant impact of connection and support operations on operational performance, as it is found that the value of the coefficients is 0. 744 and the value of t is 15.019.
Therefore, there is a relationship and a statistically significant effect at the significance level (α = 0.05) for the use of connections and support operations to enhance operational performance.
Fourth Sub-Hypothesis
H0: There is no statistically significant effect of using operations Monitoring and evaluation in enhancing operational performance
H1: There is a statistically significant effect of the use of operations Monitoring and evaluation in enhancing operational performance
Measuring the Degree of Correlation Between Monitoring and Evaluation and Operational Performance
Pearson's correlation coefficient was used to measure the significant correlation between monitoring and evaluation processes and operational performance and the results were shown in Table 15.
Table 15 indicates a positive and statistically significant correlation at the level of 0.00 where the value of the correlation coefficient is 0. 827 and related to the relationship of the independent variable (monitoring and evaluation) with the dependent variable (operational performance) and this indicates a positive relationship.
Measuring the Impact of Monitoring and Evaluation on Operational Performance
The regression method was used to measure the significant impact of the independent variable (monitoring and evaluation) with the dependent variable (operational performance) and the results were as follows in Table 16.
Table 16 shows a Sig. of 0.00 and this indicates a significant regression model, as there is a strong and significant impact of monitoring and evaluation on operational performance, as it is found that the value of the coefficient Coefficients is 0. 888 and the value of t is 20.481.
So, there is a relationship and a statistical effect at the level of significance (α = 0.05) for the use of monitoring and evaluation processes in enhancing operational performance.
Hence we can analyze the main hypothesis as follows:
H0: There is no statistically significant impact of the use of IT governance under the Cobit5 framework on the operational performance of Iraqi companies
H1: There is a statistically significant impact of the use of IT governance under the Cobit5 framework on the operational performance of Iraqi companies
Measuring the Degree of Correlation Between IT Governance Under the Cobit5 Framework and Operational Performance
Pearson's correlation coefficient was used to measure the significant correlation between IT governance according to the Cobit5 framework and operational performance and the results were as follows in Table 17.
It is clear from Table 17 that there is a positive and statistically significant correlation at the level of 0.00 where the value of the correlation coefficient is 0. 844 concerning the relationship of the independent variable (IT governance according to the Cobit5 framework) with the dependent variable (operational performance), which indicates a positive correlation.
Table 18: Impact of IT Governance under Cobit5 Framework on Operational Performance through Regression Analysis
Coefficient value | T value | Sig. | Coefficient of determination R² | Effect of the independent variable |
1.002 | 21.956 | 0.0 | 0.713 | Effective |
Measuring the Impact of IT Governance According to the Cobit5 Framework on Operational Performance
Regression method was used to measure the significant impact of the independent variable (IT governance according to the Cobit5 framework) with the dependent variable (operational performance) and the results were as follows in Table 18.
Table 18 reveals a Sig. is 0.00 and this indicates a significant regression model, as there is a strong and significant impact of IT governance according to the Cobit5 framework on operational performance, as it was found that the value of the coefficient Coefficients is 1.002 and the value of t is 21.956.
This means there is a relationship and a statistically significant effect at the significance level (α = 0.05) for the use of IT governance according to the Cobit5 framework in enhancing operational performance.
Results
It is clear from the direction of the answers of the Planning and Organization pillar that the overall arithmetic mean is 3.8878 and the standard deviation is 0.78823, which indicates that companies have a great tendency to use planning and organization processes in their IT governance
The answers to the acquisition and execution axis shows that the overall arithmetic mean is 3.9962 and the standard deviation is 0.7457, which indicates that companies have a significant tendency towards using acquisition and implementation processes in their IT governance
It is clear from the direction of the Plug-in Support Responses that the overall arithmetic mean is 3.736 and the standard deviation is 0.83558, which indicates that companies have a significant trend towards using delivery and support processes in their IT governance
The M&E responses shows a general arithmetic mean of 3.861 and the standard deviation is 0.78984 and this indicates that Companies have a great orientation towards Use Operation Monitoring and evaluation in its IT governance
The answers to the operational performance axis that the overall arithmetic mean is 3.9082 and the standard deviation is 0.84799 and this shows that companies pay great attention to the operational performance of employees
There is a relationship and a statistically significant effect at the significance level (α = 0.05) for the use of planning and organization processes to enhance operational performance
There is a relationship and a statistically significant effect at the significance level (α = 0.05) for the use of acquisition and execution processes to enhance operational performance
There is a relationship and a statistical effect at the significance level (α = 0.05) for the use of connections and supports in enhancing operational performance
There is a statistically significant relationship and effect at the significance level (α = 0.05) for the use of monitoring and evaluation processes to enhance operational performance
There is a statistically significant relationship and effect at the significance level (α=0.05) for the use of IT governance under the Cobit5 framework in enhancing operational performance
The results of the tests show that the follow-up and evaluation processes explain the operational performance more, as an increase of one unit of the follow-up and evaluation variable contributes to the interpretation of 0.888 units of the dependent variable the quality of operational performance, while it explains each of, respectively (owning and implementing, planning and organizing, delivery and support) by 0.855, 0.802 and 0.744 units, respectively
Recommendations
This work recommends:
Planning the information technology that companies need on an annual basis and the participation of all parties to know the needs
Using the expertise of specialized committees in information technology to study the infrastructure of any new expansion of companies and inspect the infrastructure of the companies in charge of their business
Consulting engineers and committees specialized in the field of software to study the need, number, type and characteristics of computers with the software necessary for their operation
Preparing manuals and operating manuals for all software used in companies and training employees to use it
Improving relations with all suppliers and opening cooperation with new supply chains with inventory control within companies by the company and suppliers to avoid any shortages
Developing trusting relationships with customers and meet their desires and requirements quickly and satisfactorily
Denveloping emergency plans and risk management in case of malfunctions within the software used
Forming special departments to protect existing information from any intrusion and determine access permits for this information
Forming specialized departments to periodically evaluate information technology equipment and equipment to maintain the safety of performance and business continuity
Following up the implementation of laws and legislations that regulate the work environment and the nature of the information technology used
Mohammed, R. et al. “The Impact of IT Governance on Financial Performance: A Field Study on Private Commercial Banks Operating in the Syrian Coast.” Tishreen University Journal for Research and Scientific Studies-Economic and Legal Sciences Series, vol. 43, no. 6, 2021.
Al-Sawah, N.S.I. “The Impact of Applying Information Technology Governance on the Balanced Scorecard to Enhance Leadership and Growth in Egyptian Banks: A Field Study.” CAF, vol. 40, 2020. Paper presented at the Special Issue College Conference.
Mohammmed, A. and A.R.S. AL-Basri. “Impact of COBIT5 Framework Application in the Efficiency and Effectiveness of Information Technology: An Applied Analytical Study of a Sample of Iraqi Private Shareholding Banks.” Journal of Techniques, vol. 2, no. 2, 2020, pp. 1-15.
Alsaleem, E.A. and N.M. Husin. “The Impact of Information Technology Governance under COBIT-5 Framework on Reducing the Audit Risk in Jordanian Companies.” International Journal of Professional Business Review, vol. 8, no. 2, 2023, e01236-e01236.
Talab, H.R. and H.H. Flayyih. “An Empirical Study to Measure the Impact of Information Technology Governance under the Control Objectives for Information and Related Technologies on Financial Performance.” International Journal of Professional Business Review, vol. 8, no. 4, 2023, e01382-e01382.
Alotaibi, M. et al.. “The Impact of Information Technology Governance in Reducing Cloud Accounting Information Systems Risks in Telecommunications Companies in the State of Kuwait.” Modern Applied Science, vol. 15, no. 1, 2021, pp. 143-151.
Tuttle, B. and S.D. Vandervelde. “An Empirical Examination of COBIT as an Internal Control Framework for Information Technology.” International Journal of Accounting Information Systems, vol. 8, no. 4, 2007, pp. 240-263.
Patón-Romero, J.D. et al. “A Governance and Management Framework for Green IT.” Sustainability, vol. 9, no. 10, 2017, p. 1761.
Tanuwijaya, H. and R. Sarno. “Comparation of COBIT Maturity Model and Structural Equation Model for Measuring the Alignment between University Academic Regulations and Information Technology Goals.” International Journal of Computer Science and Network Security, vol. 10, no. 6, 2010, pp. 80-92.
Wolden, M. et al. “The Effectiveness of COBIT 5 Information Security Framework for Reducing Cyber Attacks on Supply Chain Management System.” IFAC-PapersOnLine, vol. 48, no. 3, 2015, pp. 1846-1852.
Iqbal, A. et al. “COBIT 5 Domain Delivery, Service and Support Mapping for Business Continuity Plan.” AIP Conference Proceedings, 2016.
Miklošík, A. “Effects of Knowledge Management Implementation in the ICT Sector.” European Journal of Science and Theology, vol. 10, Suppl. 1, 2014, pp. 121-129.
Mutiara, A. et al. “Analyzing COBIT 5 IT Audit Framework Implementation Using AHP Methodology.” JOIV: International Journal on Informatics Visualization, vol. 1, no. 2, 2017, pp. 33-39.
ISACA. COBIT 5: The Framework Exposure Draft. Rolling Meadows, IL, 2011.
Goldman, J.E. and S. Ahuja. “Integration of COBIT, Balanced Scorecard and SSE-CMM as an Organizational and Strategic Information Security Management Framework.” ICT Ethics and Security in the 21st Century: New Developments and Applications, IGI Global, 2011, pp. 277-309.
Al Qassimi, N. and L. Rusu. “IT Governance in a Public Organization in a Developing Country: A Case Study of a Governmental Organization.” Procedia Computer Science, vol. 64, 2015, pp. 450-456.
Alramahi, N.M. et al. “Information Technology Governance Control Level in Jordanian Banks Using: Control Objectives for Information and Related Technology (COBIT 5).” Information Technology, vol. 6, no. 5, 2014.
Butler, R.J. “Applying the COBIT Control Framework to Spreadsheet Developments.” arXiv Preprint, 2008.
Mahmoud, A.A.A.R. “The Effect of Teaching Chemistry in Electronic Scientific Stations on Achievement and Technological Literacy among Second Intermediate Students.” Journal Intelligence Researches, vol. 14, no. 29, 2020.
Al-Sayyid, B.O.F. and S.B. Ibrahim. “The Mediating Role of Total Quality Management Systems in Improving the Relationship between Service Quality and Improving Performance in Service Organizations.” Journal of Total Quality Management, vol. 16, no. 1, 2015.
Taj, S. and C. Morosan. “The Impact of Lean Operations on the Chinese Manufacturing Performance.” Journal of Manufacturing Technology Management, 2011.
Al-Lami, T.N.A.A.S. and D.S.D. Al-Rawi. “The Effect of the Flipped Classroom Strategy on the Achievement of Chemistry among Fifth-Grade Female Students.” Al-Nasaq Magazine, vol. 34, no. 4, 2022.
Lami, G.Q.D. and B.A. Shaker. “Analysis of Performance Improvement Indicators (Case of Babylon 1 Battery Factory).” Al-Qadisiyah Journal of Administrative and Economic Sciences, vol. 10, 2008.
Kassar, N. Evaluation of the Technical Structures of Syrian Banks Based on the COBIT5 Framework. Master's thesis, Syrian Virtual University, 2019.
Download PDF
Download PDF
Download PDF
Download PDF
Download XML
