Evaluating a Framework for Implementing IT Governance in Uganda’s Higher Institutions of Learning

The reliance on IT in day-to-day organization activities raises concern about how to deal with its increasing complexity. Managing IT necessitates implementing IT governance to realize the benefits of IT use. However, there is a lack of suitable frameworks to implement IT governance. For higher institutions of learning (HILs) in Uganda, the case is not different; hence, there is need to provide a framework to implement IT governance in Uganda’s HILs. This paper therefore applies design science research principles to evaluate a framework for implementing IT governance in HILs in the context of Uganda. It was mainly achieved using a previous study in this environment as a basis. Framework evaluation was conducted using case study and expert opinion methods. Contrarily, the evaluation criteria was based on the framework understandability, ease of use, usefulness, and completeness. Results from the evaluation showed the framework satisfactorily implements IT governance in Uganda’s HILs.


INTRoDUCTIoN
The growing usage of IT in daily operations has increased concern about organizations' increase and perilous need for IT and how to handle its increasing complexity (Borja et al., 2018).Barbosa et al. (2014) point out that IT is vital in supporting institutional developments.It is crucial for growth, innovation, and consolidation of fusions and acquisitions.Yet, Albertin and Albertin (2008) present that consistently determining the benefits of IT presents some challenges for managers due to the particularities of IT management.According to Nfuka and Rusu (2010), an understanding and familiarity with IT are essential to developing the alignment between business strategy and IT.Also, IT improves effectiveness and efficiency in public service delivery in public sector organizations (NITA-U, 2018).For Higher Institutions of Learning (HILs), IT enables automated access to public services using government IT platforms (Montenegro & Flores, 2015).
IT governance is a process by which organizations align their information technology operations and services with their performance goals and strategic objectives and assess the results (Barbosa et al., 2014).Majid et al. (2015) showed that IT governance is an essential instrument in supporting and achieving the goals of an organization.Alreemy et al. (2016) and Kumar (2014) observed that IT governance smoothies working processes.Besides, it also offers solutions within budget, better quality, and on time (Bianchi & Sousa, 2015).
IT in HILs is complex, consisting of a heterogeneous set of technologies involving various applications, platforms, educational systems, and cloud applications to support their teaching, learning, research, and administrative processes (Bianchi et al., 2017).Managing IT systems necessitates implementing IT governance (Nyeko et al., 2018) to encourage and realize desirable behavior of IT use.In contrast, the increased complexity of IT, the need to control IT costs, and also consequences of legal requirements have caused organizations to reflect on the importance of IT governance (Novotny et al., 2012).
To enable improved public service delivery, the government invests a lot of money in IT systems to serve its citizens (NITA-U, 2013).The Ministry of ICT and National Guidance (MoICT&NG) is the lead and provides necessary policy frameworks in conjunction with regulatory bodies such as National Information Technology Authority-Uganda (NITA-U).The public sector in Uganda consists of ministries, departments, and agencies (local government and academia) (NDP II, 2015).In support of IT in the public sector in Uganda, the government has enabled many organizations to connect to the National Data Transmission Backbone and e-Government Infrastructure.Implementing the Last Mile Project extends connectivity to 700 ministries, departments, and agencies across the country (PML Daily, 2020) and puts up ICT incubation hubs/centers and ICT parks to support ICT innovations and ICT-enabled services (NDP II, 2015).NITA-U has developed a methodology for managing IT projects for public and private sector organizations (NITA-U, 2013).Also, there is heavy investment in IT systems to support operations in Uganda's HILs.Despite all this, IT systems continue not to satisfactory work to users' expectations in HILs in Uganda (Anjoga & Kituyi, 2016;NITA-U, 2013).Bianchi et al. (2017) state that multiple systems, structures, processes, and technologies instituted at HILs bring significant complexity to managing IT, necessitating a focus on IT governance.Empirical studies concerning appropriate IT governance frameworks and IT governance performance are still limited (Bianchi et al., 2017).Most existing studies in the IT governance sphere have been for the developed countries (Arshad et al., 2014) disregarding the developing countries' context.Yet, the implementation of IT governance in HILs in Uganda is not known.
This paper applied design science research to address the gap by developing a framework for implementing IT governance in Uganda's HILs (IGHU).This was attained in two phases: development and evaluation.Where the development phase was based on a previous study that designed a conceptual framework for IT governance mechanisms in Uganda's HILs.The evaluation phase was based on a case study institution using interviews with 7 respondents and opinions from 9 experts from academia and practitioners.The following sections are organized as follows: section 2 covers the research methodology and research process, section 3 presents results and the discussion, and section 4 gives the conclusion.

Application of Design Science Research
The IGHU framework was developed using design science and its interplay with behavior science (Hevner et al., 2004;Johannesson & Perjons, 2014).This was inspired by the development of a framework to implement IT governance in the studied degrees awarding 8 HILs in Uganda by providing an artifact in this case a framework.This framework provides practical knowledge necessary for improving IT governance in these institutions.This knowledge is known as a design theory (Peffers & Tuunanen, 2005).
Likewise, design theory development presents a cycle of proposing, refining, and testing design theory (Hevner & Chatterjee, 2010).Design science research is presented in form of a cycle in two phases of build and evaluation which is iteratively done related to the artifact built to address the known problem, and then evaluated onto the solution it provides (Hevner et al., 2004).The development was achieved in the following cycles through iterations (Figure 1).
The relevance cycle: the numerous iterations of the relevance cycle involving A, B, and C, enabled us to determine the requirements of this study's artifact and deðne necessary criteria to evaluate results for this study (Hevner, 2007) to establish if the built artifact enhances the contextual environment.The design cycle: the needs from the contextual environment and evaluation feedback from the contextual environment showed by A and C. The outcomes of the design cycle are two folds.First, the need to examine the relevance of the design artifact to the contextual environment upon evaluation and the key additions to knowledgebase shown by B and E. Second, the relevant knowledge from the knowledge base used to support the design and evaluation of the artifact in this study showed by D. The rigor cycle: this study adopted fundamental scientiðc approaches involving IT governance theories, IT governance frameworks, models and methodologies, and IT governance mechanisms to design.Which resulted in the development of a conceptual framework to implement IT governance in Uganda's HILs (Ndagire et al., 2021) as earlier mentioned.The evaluation was accomplished in two phases using case study and expert opinion methods.

Development Phase
The development phase involved conducting an exploratory study in eight public degree-awarding institutions.Namely; Makerere University, Mbarara University of Science and Technology, Gulu University, Kyambogo University, Busitema University, Kabale University, Lira University, and Soroti University.The study aimed to investigate implemented IT governance mechanisms to derive requirements for the conceptual framework (IGHU).
The study extended the IT governance conceptual framework for the public sector (Laita & Belaissaoui, 2017) and IT governance mechanisms got from relevant literature.The study of Laita and Belaissaoui (2017) was selected because it had the highest number of IT governance mechanisms of interest compared to other selected studies.Also, this framework indicated external and internal environment mechanisms for implementing IT governance and was developed for public sector organizations in developing countries.
A descriptive field study was conducted which aimed to test and validate the constructs of IGHU.The reliability test was done using composite reliability and validity was tested using average variance extracted.Hence, constructs whose composite reliability was below 0.70 and the average construct extracted was below 0.50 were discarded (Hair et al., 2016;Henseler et al., 2009).The remaining constructs that were statistically significant (using a p-value of 0.05) were considered for the development of IGHU.Upon the establishment of the conceptual framework to implement IT governance in Uganda's HILs (Ndagire et al., 2021), a framework evaluation was carried out.The internal environment mechanisms were: IT strategy committee, CIO reporting to CEO, architecture steering committee, accountability of IT projects, IT risk management, IT leadership, IT/business partnership, senior management involvement, and awareness campaigns.While the external environment mechanisms were; Government, industry and customers, and stakeholders' participation.Hevner et al. (2004) noted that a developed artifact should be evaluated onto the product they present in the contextual environment by use of case study, field study, analytical, or simulation methods.Evaluation is a systematic form that enables collecting information concerning the characteristics, activities, and outcomes of a product to facilitate decision-making (Newcomer et al., 2015).Newcomer et al. (2015) further note that evaluation helps determine if a product will perform as planned, meet its goals and objectives, and may help to find areas for improvement.In this study, the evaluation criteria used were understandability, completeness, ease of use, and usefulness as in earlier related studies (Nfuka & Rusu, 2013).Given the problem and concept of the IGHU framework (Figure 2), the evaluation was done as follows.

Evaluation Phase
Phase 1.Since the evaluation of IT governance is more appropriate in a real environment, the case study method was deemed suitable (Al Omari, 2016) to evaluate IGHU.The studied case was Kyambogo University because it was convenient for the researchers.Purposive sampling was used to determine the respondents who met the evaluation criterion (Annum, 2016).Seven respondents were selected; IT directors/managers (four), and business directors/managers (three).Guided face-to-face interviews were conducted using interview questions.IGHU framework was sent to the respondents before conducting the interviews.The respondents were individually interviewed for an average of 30 minutes and the feedback was noted and recorded.
Phase 2. The expert opinion method was used in phase 2 to evaluate IGHU.A self-administered questionnaire was used.Nine experts in IT governance in HILs were selected depending on their expertise, credibility, and dependability.This is in line with (Rowe & Wright, 2001), who contended an adequate number of 5-10 experts for an evaluation.Respondents (from academia and practitioners) included: NITA-U (two), Ministry of Education and Sports (one) and Ministry of ICT & National Guidance (two), and four HILs in Uganda, namely Makerere University (one), Mbarara University of Science and Technology (one), Soroti University (one) and Kabale University (one).The questionnaire consisted of a 5 Linkert scale ranging from strongly agree to strongly disagree, indicating the level of agreement of experts in IT governance.Likewise, the mean, mode, and standard deviation were measured to summarize how IT governance experts responded and determined the responses' closeness.

Phase 1. Evaluation of IGHU using Case Study Method
Respondents were represented from three levels of the organizational hierarchy: top management, middle management, and operational management (table 1).Three respondents represented top management, two represented middle management, and two represented operational management.The representation of respondents from the different hierarchy levels was used to reduce the bias of results.
Interview responses and resultant improvements in IGHU were as follows.
Understandability of IGHU: Views of respondents on the understandability of IGHU were analyzed and presented as follows.
When asked if IGHU "was clear and not ambiguous": Most of the respondents agreed that the framework was straightforward and did not leave any doubt; however, the following was noted.R5 mentioned, "the framework is clear to me since I head the directorate of planning and development."R7 and R4 observed that "the framework should be more specific to HILs than public sector organization."It was observed that the IT governance mechanism "Strategic Business Objectives" should be indicated to show the overall goal of the framework.R1 mentioned that "consider how critical IT is in obtaining the institution's objectives such as teaching, learning, research, and administrative processes." Respondents were asked if IGHU "serves the purpose of implementing IT governance in HILs in Uganda".However, all the respondents noted that the framework serves the purpose of implementing IT governance.It was pointed out that the framework was a guiding tool for IT management.For example, "if you look at Integrated Financial Management System, it helps us run reports, and suppliers are paid timely so this framework will guide" R7.R6 noted that measuring the value of IT should be implemented at a high level in HILs to realize IT's role.R6 was quoted having said that "if you can't measure it, then you can't control it." Findings on "easy to learn".Although most respondents mentioned that IGHU was easy to understand and spent little time mastering it, some respondents indicated the framework was lacking.For instance, it was observed that information flow was not well presented.In addition, the framework had unidirectional arrows implying information flows in one direction.For example, R3 informed us that "there should be a bidirectional arrow between Chief Information Officer (CIO) on board and executive IT management." When asked if the IGHU "has clear language".Most respondents agreed that the framework had straightforward language.However, a term like CIO was new to most of them.For example, R2 and R7 mentioned that "CIO is a new abbreviation and such abbreviations should not be used in the framework or a key should be provided."R1 indicated that the word "evaluation" should be added to the process "monitoring" since monitoring is a continuous process and evaluation provides the outcome; therefore, the process should be named "monitoring and evaluation."R1 further proposed Table 1.Distribution of respondents for evaluation of IGHU using case study method that accountability for IT projects be combined with monitoring and evaluation and was quoted having said that "you cannot monitor and evaluate without accounting for actions."Also, it was suggested that the "architectural steering committee be renamed as architecture and infrastructure committee since it is supposed to provide input, recommendations, and architected solutions on IT infrastructure service types such as data and voice network, email, calendar, and productivity tools" R4.
Ease of use of IGHU: Views of respondents on ease of use of IGHU were analyzed and presented.Findings on "whether the framework was efficient to use" showed that respondents agreed that IGHU was efficient to be used.For example, R1 stated that "the framework was to a greater level efficient for usage".R3 mentioned that "the framework greatly improves implementing IT governance in academic institutions."R2 said that "the framework can easily be used once awareness campaigns in HILs are undertaken and should be steered by top management to lower people to avail support." Findings on "if the framework can easily be recalled and accepted" showed that most respondents agreed that they quickly recognize IT governance mechanisms, and they recommend the framework to be used.R7 noted that since "the mechanisms are categorized into the internal and external environment; they can easily be remembered."However, R6 noted that "yes, the framework can easily be recalled, but staff who are old in nature have to be trained and nurtured to apply it." When asked if the framework "reduces operations tasks", most respondents noted that the framework reduces the functions of IT operations in HILs.One respondent informed us that "since IT is an enabling component in the day-to-day activities in the institution, then the framework will help" R6.It was observed that the framework eliminates unnecessary tasks because it aligns mechanisms at their respective organizational levels.
Respondents were asked if the proposed framework is like well-known IT governance frameworks.Findings indicated that most respondents agreed that IGHU is somehow similar to the existing frameworks.It was observed that "the framework is consistent with other general frameworks because it consists of mechanisms for IT governance implementation" R2.However, R3 urged the framework to be further structured for it to be more helpful.
The usefulness of IGHU: Views of respondents on the usefulness of IGHU were analyzed and presented as follows.
When asked to assess "if the framework added knowledge", most respondents indicated IGHU improved their skills.For example, R1 noted, "the framework provides the necessary IT governance mechanisms that should be in place to realize IT governance implementation and improve IT management." Findings on "whether the framework guided in making appropriate IT decisions, planning of IT systems and improve strategic alignment of IT and business".Respondents noted that the framework would guide them in making IT decisions.R5 was quoted having said that "it is well detailed; it helps in completion of IT processes, i.e., it is like a checklist."It was also observed that "the framework will help on guiding in policy development because usually policies are developed as emergency measures so such a framework will guide policymakers" R1.However, R4 told the researcher that "once the framework is enhanced, it will help realize IT gaps."R5 further urged to structure of IGHU as an "ICT Charter Outline for Universities.""This outlines the decision-making authority and responsibility of various IT governance organs" R5.R7 also noted that stakeholders' participation is like the government, industry, and customers since they are all stakeholders in HIL; thus, they should be combined.
Completeness of the IGHU: Views of respondents on the entirety of IGHU were analyzed and presented as follows.
Assessment of the completeness of IGHU showed that the framework was to a greater extent complete (table 2).Respondents noted that the framework catered to key stakeholders in IT governance.However, R4 said that "the framework will be regarded complete only if the raised concerns are addressed." The improved framework is shown in figure 2 as follows.

Phase 2: Evaluation of IGHU using expert opinion method
The improved framework after phase one was sent to respondents before the exercise was carried out.The distribution of respondents is in table 3. Results for experts in IT governance were as follows.
Understandability of IGHU: The aspects assessed were whether the IGHU was clear and not ambiguous, served the purpose of implementing IT governance, was easy to learn and had clear language.The mean, mode, and standard deviation of experts concerning the understandability of IGHU are in table 4.
Experts in IT governance agreed that IGHU was clear, and they would easily differentiate IT governance mechanisms for the internal environment and external environment.They further expressed that IGHU was detailed and well described.However, it was noted that the terms used should be customized to common and well-known terms of Ugandan HILs.Such terms included "Graduate & Professional Student Council" to "Research and Graduate Studies"; "HILs Staff Council" to "Academic Staff Association and Non-Academic Staff Association"; "Awareness Campaigns" to "Awareness and Advocacy"; and "Student Government Association" to "University Guild".It was also suggested that the following IT governance mechanisms be eliminated, such as the architecture & infrastructure committee because its functions are presumed to be handled by IT leadership.

Table 2. Summary for phase 1 evaluation of IGHU Figure 2. IT governance framework for HILs in Uganda from phase 1 of framework evaluation Table 3. Distribution of experts for evaluation of IGHU
The average mean of 4.22 showed that experts in IT governance clearly and well understood the framework.Still, the average standard deviation at 0.56 reflected a less significant difference in experts' viewpoints.
Ease of use of IGHU: The aspects assessed were whether IGHU was efficient to use, easily recalled, acceptable, reduced tasks of operation, like well-known IT governance frameworks, and convenient in use.The mean, mode, and standard deviation of experts concerning the ease of use of IGHU are in table 5.
Experts pointed out that little time was spent learning IGHU, that the framework is reliable and fastens the operating procedures, and could easily be applied.In addition, the average mean at 3.97 and average standard deviation at 0.36 showed that IGHU was not challenging to be used.
The usefulness of IGHU: The aspects assessed were if IGHU added knowledge, guided in making appropriate IT decisions, helped plan IT systems, improved alignment of IT and the institutional goals, and helped increase IT governance maturity levels and reliability.The mean, mode, and standard deviation of experts concerning the usefulness of IGHU are in table 6.
It was affirmed that IGHU increased the experts' knowledge of IT governance, guides in making appropriate IT decisions, and bridging the gap between IT directorates/departments and senior managers/decision-makers.However, the following were observed to enhance IGHU.First, the IT steering committee is to be added and chaired by high-level staff like the CEO (Vice-Chancellor) for it to be felt.The IT steering committee follows up on decisions made by the IT strategy committee.The  5. Ease of use of the IGHU average mean of 4.24 showed that experts in IT governance strongly agreed that IGHU was useful.The average standard deviation of 0.49 confirmed that experts' opinions were not greatly differing.
Completeness of IGHU: The aspects assessed were if IGHU entailed all the necessary mechanisms to implement IT governance and caters to all stakeholders involved in IT leadership and decisionmaking in HILs.The mean, mode, and standard deviation of experts concerning the completeness of IGHU are in table 7.
Experts noted that IGHU was, to a great extent complete (table 8).However, experts urged the researcher to incorporate the suggestions given.The average mean at 4.00 showed experts strongly agreed that IGHU was to a great extent complete.The average standard deviation of 0.00 confirmed experts' opinions was not different.
The overall x̅ of the evaluation of IGHU was 4.1, the overall μ of the evaluation of IGHU was 4.1, and the overall σ of the evaluation of IGHU was 0.4.The responses from experts in IT governance and the resultant improvements were done on IGHU upon incorporating suggestions given (figure 3).The resultant framework for implementing IT governance in HILs in Uganda is in figure 4.

DISCUSSIoN oF RESULTS
IGHU consists of the internal environment and external environment.The internal environment shows established structures in HILs that affect the overall strategic objectives of HILs and the position of  IT.In contrast, the external environment stipulates IT-related aspects that HILs and their decisionmaking organs do not directly control.The internal environment comprises three domains.Each domain encompasses mechanisms that are realized through decision and input structures; these are executive, strategic, and operational-technical-policy domains.
Executive domain: The executive domain is the final decision-making level in HILs concerning IT operations and related management tiers.This domain oversees the overall direction, monitors, and assesses IT governance mechanisms.Moreover, it ensures that IT enables and helps to achieve HILs' mission and business objectives.This is attained by ensuring that the IT strategic plan is aligned with business goals to realize IT's role.
Strategic domain: The strategic domain consists of IT governance mechanisms that input and make recommendations that are approved by the executive domain.It is concerned with planning, building, running, and improving all aspects of an IT organization.The domain ensures that IT creates optimal value and mitigates risks.
Operational-Technical-Policy domain: This domain is concerned with analyzing specialized technical aspects that lead to recommendations, plans, and policies excluded in the strategic domain scope.It ensures that IT builds, maintains, and replaces IT architectural processes based on the risk appetite of the executive domain.This domain handles specifications of IT and risk assessment.
IGHU consists of other bodies such as the IT advisory body: groups that belong to this body holistically represent the voice of stakeholders.The groups represent the interests of their constituents collectively and actively advocate using either informal or formal mechanisms to meet their interests.
Some IT governance mechanisms required critical observation by the IT executive council; hence, the bidirectional dotted arrows were indicated from the government, industry, and customers and operation level connecting to Executive IT Council.Such mechanisms included IT risk management, CIO reporting to the CEO, IT leadership, and awareness and advocacy.

CoNCLUSIoN
This study sought to evaluate IGHU.Design science methodology was used to build and evaluate IGHU.IGHU framework was developed using a previous study: a conceptual framework to implement IT governance in Uganda's HILs.Evaluation of IGHU was conducted using case study and expert opinion methods.Generally, the evaluation of IGHU was positive concerning understandability, ease of use, usefulness, and completeness.This shows that IGHU satisfactorily implements IT governance in HILs in Uganda and organizations with similar contexts.

ACKNowLEDGMENT
Great thanks to the Swedish International Development Cooperation Agency for sponsoring this study.

Figure 3 .
Figure 3.The average overall mean, mode, and standard deviation of experts in IT governance

Lillian
Ndagire is an Assistant Lecturer in the Department of Networks, School of Computing and Library Science, Kyambogo University.She has attained her PhD in Information Systems in the College of Computing and Information Sciences at Makerere University.The research area is IT governance for public sector organizations of developing countries.She holds a Masters of Information Technology from Makerere University and a Bachelor of Science (Computer Science & Economics).Areas of specialization are database management, operating systems implementation, network configuration, systems analysis, and design.Lillian participates in several activities such as curriculum development for several IT-related programs and supervises research students, both undergraduates and postgraduates.Lillian has served in various capacities, such as Quality Assurance Manager at Cavendish University Uganda, responsible for initiating quality assurance strategy and enforcing the implementation of the National Council of Higher Education guidelines.Head of Department of Information Technology and Lecturer in the Faculty of Science and Technology at Cavendish University.A Computer Laboratory Manager in IICD project at Kyambogo University responsible for overseeing the equipment in the computer laboratories under the project and to ensure that they are in sound working condition.Gilbert Maiga is the current Dean of the School of Computing and informatics Technology, Makerere University.He is an Associate Professor in and former chair, Department of Information Technology.He has mentored over 20 Graduate Students research to completion in the broad field of Information systems.He has more than 15 years of teaching and research experience.His main areas of interest for research are in: Information Systems evaluation, e-health and e-Governance systems development and adoption.He has also published over 50 peer reviewed Journal articles.Benedict Oyo holds a PhD in Information Systems.He is the current Dean, Faculty of Science at Gulu University.Benedict's current research focuses on the role of ICT innovations in development.Benedict has led several systems development at Gulu University, including: Graduate Tracking System, Publication System, Corvid registration and attendance tracking system, Human Resource Management System, and an offline eLearning system.Benedict was in 2017 appointed to the 10-member board of the National ICT Initiatives Support Programme (NIISP) under the Ministry of ICT&NG.Benedict serves on nine journal committees as an external reviewer, and has published over 15 peer reviewed articles since his PhD graduation in 2012.Basuta James is an Assistant Lecturer in the Department of Economics, Faculty of Management Science, Muni University.He holds a Master of Science and a Bachelor of Arts (Economics) degree obtained from the University of Zimbabwe and Makerere University respectively.James participates in several activities such as curriculum development for several Economics and Business related programs and supervises undergraduate research students.