The Role of Maturity Models in IT Governance: A Comparison of the Major Models and Their Potential Benefits to the Enterprise

The Role of Maturity Models in IT Governance: A Comparison of the Major Models and Their Potential Benefits to the Enterprise

G. Philip Rogers (Analyst/Project Manager, USA)
DOI: 10.4018/978-1-60566-008-0.ch014
OnDemand PDF Download:


This chapter assesses what role maturity models can play in enterprise IT governance. Frameworks that are well known in the IT industry, such as the Capability Maturity Model, make it possible to assess maturity in key areas. The author describes additional maturity models that have no formal association with a comprehensive framework, the application of which represent significantly less overhead than the larger frameworks that include a maturity model component. The author seeks to present a broad perspective on maturity models that enterprises can use as a preliminary means of evaluating what tools are available to them. As such, this overview of maturity models is intended to facilitate the selection of a model that can bring about improved IT governance in one or more focus areas.
Chapter Preview


Organizations have a number of tools and techniques at their disposal to facilitate governance of the enterprise, and one of their chief areas of focus continues to be how best to govern information technology (IT). Although the corporate scandals of recent years have invited greater scrutiny over enterprise business practices, it has been clear for quite some time that there is a need for greater oversight via corporate governance, and by extension, IT governance. During the mid-1980’s, when the application of enterprise-wide IT to business problems was still a relatively new phenomenon, it was already becoming apparent to some industry leaders that there was a need for greater oversight over IT activities. As noted by McGovern, Ambler, Stevens, Linn, Sharan, and Jo (2004), one of the outcomes of that need for greater oversight was the development of the Capability Maturity Model (CMM) at Carnegie Mellon University’s Software Engineering Institute (SEI) (2006). Since the introduction of the CMM, numerous variations of the original model have emerged, culminating with the merger of several of those models as the Capability Maturity Model Integration, or CMMI. Meanwhile, numerous other frameworks have emerged that include a capability maturity model component, as well as specialized maturity models that are not part of a formal framework. The purpose of this chapter is to introduce the most significant maturity models, to compare those models, and to assess the extent to which the various models can facilitate IT governance activities in the corporations of today and tomorrow.

Literature Review

Although a detailed treatment of corporate governance is beyond the scope of this chapter, a brief introduction to the topic is necessary to place IT governance within the larger governance context. Gottschalk (2006) suggests that it is necessary to consider three distinct views of the enterprise when preparing to assess and implement corporate governance and IT governance practices. According to what he calls the “resource-based view”, differences in enterprise performance are directly attributable to differences in resources and capabilities, while the activity-based and value configuration-based views focus on enterprise performance in terms of measurement of resource flows within activities and measurement of business processes in terms of the creation of business value for customers, respectively. By way of contrast, Cingula (2006) diverges from what he sees as the standard view of corporate governance where the focus is typically on financial regulations or decision making frameworks driven by legal considerations, instead changing the focus to the most important processes in the enterprise. Cingula goes on to suggest that some of the most important processes from a corporate governance perspective include strategic planning, financial reporting, controlling, and public relations processes.

Even if IT governance were not the focus of this volume, no discussion of corporate governance is complete without mention of IT governance. In a 2005 study completed by the United Kingdom Office of Government Commerce (OGC), the IT Governance Institute (ITGI), and the IT Service Management Forum (itSMF), the authors identify numerous business reasons for defining and following IT best practices. Examples of these business reasons include greater interest in and oversight over IT spending and return on investment, a growing body of regulatory and compliance instruments in industries such as finance, pharmaceuticals, and health care, and the need to exercise great care when selecting business partners such as those who specialize in service acquisition and outsourcing.

Because IT governance activities are typically broad in scope, it can be helpful to conceptualize the application of IT governance to an organization’s day-to-day activities in terms of business processes. Betz (2007) describes what he considers the three most important process frameworks, which, in addition to the aforementioned CMMI, are the ITGI’s Control Objectives for Information and related Technology (COBIT), and the OGC’s Information Technology Infrastructure Library (ITIL), in particular, the two ITIL volumes that focus on IT Service Management (ITSM). What follows is an introduction to maturity models in general, followed by an overview of these three key maturity model frameworks.

Complete Chapter List

Search this Book:
Table of Contents
Wim Van Grembergen
Aileen Cater-Steel
Aileen Cater-Steel
Chapter 1
Sherrena Buckby, Peter Best, Jenny Stewart
This chapter introduces current and prior IT governance literature across five key focus areas being strategic alignment of business and IT systems... Sample PDF
The Current State of Information Technology Governance Literature
Chapter 2
Junghoon Lee, Changjin Lee
Domestic and global companies are increasingly using information and communication technologies as a means of delivering their strategic visions and... Sample PDF
IT Governance-Based IT Strategy and Management: Literature Review and Future Research Directions
Chapter 3
David Musson
This chapter reviews the IT governance literature. It proposes that there are three different concepts that are grouped together as IT governance.... Sample PDF
IT Governance: A Critical Review of the Literature
Chapter 4
Jyotirmoyee Bhattacharjya, Vanessa Chang
This chapter introduces key IT governance concepts and industry standards and explores their adoption and implementation in the higher education... Sample PDF
Adoption and Implementation of IT Governance: Cases from Australian Higher Education
Chapter 5
Lynne Gerke, Gail Ridley
This chapter examines the potential to use an audit program based on the Control Objectives for Information and related Technologies (CobiT)... Sample PDF
Tailoring CobiT for Public Sector IT Audit: An Australian Case Study
Chapter 6
Tony C. Shan, Winnie W. Hua
This chapter defines a methodical approach, named Comprehensive Architecture Rationalization and Engineering (CARE), to effectively manage the... Sample PDF
Comprehensive Architecture Rationalization and Engineering
Chapter 7
Junghoon Lee, Jungwoo Lee, Ja Young Lee
Research has recently begun to place greater emphasis on the strategic application of IT in seeking to integrate firms’ IT infrastructures and... Sample PDF
A Comparative Case Study of Three Korean Firms: Applying an IT Governance Framework
Chapter 8
Breanna O’Donohue, Graeme Pye, Matthew J. Warren
This chapter focuses upon the Australian Standard for the Corporate Governance of Information and Communication Technology (ICT) AS8015 (Standards... Sample PDF
The Impact of ICT Governance within Australian Companies
Chapter 9
Mark Toleman, Aileen Cater-Steel, Brian Kissell, Rob Chown, Michael Thompson
Acting upon the recommendations of a review of information and communications technology (ICT) governance and services at USQ, a major restructure... Sample PDF
Improving ICT Governance: A Radical Restructure Using CobiT and ITIL
Chapter 10
Brian Cusack
Security is a subprocess that affects all processes within an organization structure. The control frameworks of CobiT and ITIL provide a mapping of... Sample PDF
Managing IT Security Relationships within Enterprise Control Frameworks
Chapter 11
Michael A. Borth, Randy V. Bradley
This chapter discusses the overall importance of both corporate and IT governance, and demonstrates that IT governance is a very important... Sample PDF
Unexplored Linkages between Corporate Governance and IT Governance: An Evaluation and Call to Research
Chapter 12
Alea Fairchild, Martin Smits, Piet Ribbers, Erik van Geel, Geert Snijder
This document summarizes the initial findings of the I-Fit research project that started in August 2006 as a joint activity of a regional ICT... Sample PDF
I-Fit: Optimizing the Fit between Business and IT
Chapter 13
Tobias Kollmann, Matthias Häsel
This chapter articulates the knowledge and skills required by IT professionals in young Internet-based firms. Building on the general IT governance... Sample PDF
Competence of Information Technology Professionals in Internet-Based Ventures
Chapter 14
G. Philip Rogers
This chapter assesses what role maturity models can play in enterprise IT governance. Frameworks that are well known in the IT industry, such as the... Sample PDF
The Role of Maturity Models in IT Governance: A Comparison of the Major Models and Their Potential Benefits to the Enterprise
Chapter 15
Yael Dubinsky, Avi Yaeli, Yishai Feldman, Emmanuel Zarpas, Gil Nechushtai
Governance is the exercise of control and direction over a subject such as a society, an organization, processes, or artifacts, by using laws and... Sample PDF
Governance of Software Development: The Transition to Agile Scenario
Chapter 16
Anne C. Rouse
This chapter considers the governance issues raised by the increasing use of external parties to supply IT resources (including packaged enterprise... Sample PDF
The Governance Implications When it is Outsourced
Chapter 17
Muralidharan Ramakrishnan
This chapter is intended primarily for managers who are preparing to implement portfolio management concepts in an organization and students of IT... Sample PDF
IT Portfolio Management: A Pragmatic Approach to Implement IT Governance
Chapter 18
Andrew Dowse, Edward Lewis
With the cost, complexity and risk associated with IT systems, the approach to IT governance and service management in many organizations is to... Sample PDF
Applying Organizational Theories to Realize Adaptive IT Governance and Service Management
Chapter 19
Jon Iden
This chapter presents and analyzes a real life ITIL project, and it is based on a longitudinal case study. The purpose is to illustrate how the ITIL... Sample PDF
Implementing IT Service Management: Lessons Learned from a University IT Department
Chapter 20
Neil McBride
This chapter describes a suggested model for developing a service strategy within IT services. It considers the context, the organization of IT... Sample PDF
A Model for IT Service Strategy
Chapter 21
Manuel Mora, Ovsei Gelman, Rory O’Connor, Francisco Alvarez, Jorge Macías-Luévano
This chapter develops a descriptive-conceptual overview of the main models and standards of processes formulated in the systems engineering (SE)... Sample PDF
An Overview of Models and Standards of Processes in the SE, SwE, and IS Disciplines
Chapter 22
Claus-Peter Praeg, Dieter Spath
This chapter introduces an IT-Service management framework for the use of quality management concepts in the context of the life cycle phases of... Sample PDF
Perspectives of IT-Service Quality Management: A Concept for Life Cycle Based Quality Management of IT-Services
Chapter 23
Chee Ing Tiong, Aileen Cater-Steel, Wui-Gee Tan
This study reviews literature related to financial metrics that organizations could use in measuring the return on investment from their adoption of... Sample PDF
Measuring Return on Investment from Implementing ITIL: A Review of the Literature
Chapter 24
Dirk Malzahn
This chapter describes how models for software development and service delivery can be integrated into a common approach to reach an integrated... Sample PDF
Integrated Product Life Cycle Management for Software: CMMI1, SPICE, and ISO/IEC 20000
About the Contributors