ABSTRACT
This paper investigates IT governance through the Viable System Model (VSM). We make a theoretical contribution by discussing why IT governance can continue to achieve its purpose of creating and preserving IT business value. Additionally, we demonstrate how the VSM can be used as a lens to describe and diagnose IT governance from a practical perspective, offering insights in how complexity can be unfolded and how complexity engineering takes place to handle changing complexity.
Acknowledgments
The Belgian Agency for Innovation by Science and Technology is acknowledged, as the lead author (Tim Huygh) is being funded through a PhD grant for strategic basic research at the time of conducting this research.
Notes
1. This definition is based on the ITGI (Citation2003) definition: “IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that the organisation’s IT sustains and extends the organisation’s strategy and objectives.” (IT Governance Institute (ITGI), Citation2003, p. 10).
2. International Standard on Assurance Engagements (ISAE) No. 3402, Assurance Reports on Controls at a Service Organization.
Additional information
Notes on contributors
Tim Huygh
Tim Huygh is a PhD candidate in Information Technology Governance at the department of Management Information Systems of the Faculty of Business and Economics at the University of Antwerp. He has a bachelor’s and master’s degree in Business Engineering: Management Information Systems from the University of Antwerp and a master’s degree in Advanced Business Studies from the University of Leuven (KUL).
Steven De Haes
Steven De Haes, PhD, is Professor Information Systems Management at the University of Antwerp – Faculty of Business and Economics and Dean of Antwerp Management School. He is actively engaged in teaching and applied research in the domains of IT Governance & Management, IT Strategy & Alignment, IT Value & Performance Management, IT Assurance & Audit and Information Risk & Security.