AN INNOVATION AT THE MANAGEMENT MINDSET OF

ORGANISATIONS: COBIT-5

Ahmet EFE1 and Turksel KAYA BENSGHIR2

1 PhD candidate at The Institute of Public Administration for Turkey and the Middle East, Internal
Auditor at Ankara Development Agency, TURKEY
Correspondence: Ahmet EFE, 1322 cadde no 11, 06460, Ankara TURKIYE Tel: +90 5054134975.
E-mail:aefe@ankaraka.org.tr

2 Headof E-Government Centre, Professor at the Institute of Public Administration for Turkey and
Middle East, Ankara, TURKEY
Correspondence: Turksel KAYA BENGSHIR, E-Devlet Merkezi TODAIE, 85. Cadde no 8, Ankara
TURKIYE Tel: +90 312 230 42 85 (1803 int) . E-mail:tkaya@todaie.gov.tr

─Abstract ─
We believe that innovation is not optional and not just ascribed to technical aspects since it is a
requirement of ever changing environment that affects everything. By the drive of global
competition based on management of innovating cutting edge technology, more and more people
within business functions need to have IT skills and will inevitably be involved in IT processes,
decisions and operations. Therefore business and IT need to be better integrated as they are
becoming interdependent. Since poor integration of different IT systems incongruent with business
needs is accepted as one of the major explanations for inertia and traditional approaches reflected in
the mindset of management and governance that cause failures of effective accomplishment of the
business and IT goals and objectives of organizations, this paper tries to analyze the need and effects
of change at IT governance infrastructures of Development Agencies (DAs) in Turkey that can be
positively developed and promoted with COBIT-5 model revealed at the end of 2012 by Information
Systems Audit and Control Association (ISACA). This paper introduces needs for innovation in
management and governance mindset of DAs and compares the holistic and integrated application
of COBIT-5 framework to improve and promote the level of better management and good
governance from both a theoretical and practical point of view.
Key Words: IT-governance, COBIT-5, Innovation, Paradigm shift, Organizational Change
Management.

INTRODUCTION
No doubt that today the concept of innovation is one of the most stressed, favored and cited as the
most important element of success both for individuals, organizations and countries; it is thought to
be important to stress the fact of innovation as a prevalent concept innermost of all existence from
atoms to cosmos. Although the renewal of body cells of living creatures and compilation and
decomposition of atoms in the form of new creations and continuous movement of the globe, moon,
sun, other propelling planets and all macro systems had been demonstrating the ever pervasive
character of innovation from the beginning of cosmos it is the fast growing relationships and

1
interactions at the last decade along with rapidly developing technology that have been invoking
promotion of perception of innovation the importance of which has surged and embossed to be more
and more visible during time passed.
As a matter of fact, apart from technical and promotional aspects, the innovation in the management
mind set is not so much popular though it is of crucial importance in realization of innovative ideas
based on freshness and novelty as a requirement of change management in the global competition.
This approach of innovation is imperative to be effectively alive and/or continue to survive due to
globalization that produced merciless competition, enhanced communications, instant interactions
and multidimensional collaborations in a more wide area continuously reproducing new strengths,
weaknesses, opportunities and threats. That is why innovation becomes not optional but imperative.
The governments and bureaucracy also do not possess any exemptions in this game because their
real success is solely based on their ability to attract new foreign investment and tackle with the
deficit of government and capital flows that require continuous navigation of the economy and
monitoring for better alignment with the changing business needs and new trends that can change
direction of new investments and positive rational expectations based on future perspectives.
As a result of stirring innovation in the technical development and paradigm shifts, e-government
and e-governance, which is considered to make services more effective, efficient, economic,
adequate, transparent, and responsive has been drawing concern from policy makers, bureaucracy,
academia, and the businesses. Since to implement e-government and e-governance in compliance
with requirement of innovation and novelty, there needed a total transformation of infrastructures,
processes and procedures led by a continuous changes in managerial and political mindset, it is
deemed that the traditional bureaucratic solutions cannot cope with government failures as a result
of not keeping up with globally changing environment the regional development agencies (DAs) in
Turkey were founded by Law in 2006 and 26 of which are fully functional with some temporary
inconveniencies or inadequate of infrastructure as a result of problems of management and
governance requirements.
Presumably, DAs were ascribed to be innovative governmental organizational set-ups that are
required to be intermediary at producing synergies and innovation in local and regional domain. In
this paper, it is attempted to review the requirements of the innovative concept of management and
governance structure of the DAs, the need for business processes re-engineering according to change
management and make some recommendations for a methodology of implementing holistic and
enterprise wide IT-governance solutions drawing inspiration from COBIT-5 approach of governance
of enterprise IT (GEIT) which is deemed to have the ability to promote the level of e-governance of
DAs.
Presumably, COBIT-5 may have internal dynamics to tackle with mentioned problems and needs
that require promotion of e-government and e-governance in DAs since it tries to be adaptive to
changing environment by bringing a disciplined and systematic approach to management and
governance structures which are in need of innovative management mindset.
The paper assumes that the advent of COBIT-5 is an indication of innovation in change of mindset
of management and governance set up of organizations.
The COBIT-5 as novel and comprehensive approach which was developed on the older versions by
ISACA in 2012 demonstrates a big deal and assertion that no matter what public body, private

2
organization or NGO is the enterprise, the method consisted of principles and enablers is viable and
sustainable. This study is predominantly based on the books of ISACA on COBIT-5.

DAs AS INNOVATIVE ORGANISATIONS

Innovation is closely correlated governance of knowledge management at the local level which is
the fact of diffusing tacit knowledge of innovation amongst region, localization of technology
supporting supplier development by assisting local companies, universities and research enterprises
to develop their technological capabilities, and recollecting entrepreneurial knowledge in the form of
wisdom for the cause of local development and common good for which conventional public
organizational structure and traditional central bureaucracy could not effectively and efficiently
serve.
Figure 1: Organisational Structure of DAs

The governance structure of DAs and their working principles, procedures and organizational
topology demonstrate an innovative novel nature in comparison with other governmental
organizations. For instance the program management department should be closely involved with
the communication and interaction with the potential beneficiary, the monitoring and evaluation
department should be engaged with communication and interaction with project beneficiaries,
investment support office should give priority to communication and interaction with entrepreneurs
and investors, planning department should focus on communication and interaction with all
stakeholders and especially closely follow up of members of board of development. Therefore the
synergy obtained from all communication and interaction domains will increase the ability of DAs
on knowledge management at local level.
At this era which is dominated by knowledge based economies, change management of innovation
and strategic knowledge is becoming one of the most important keystones that define effectiveness

3
and efficiency of institutions and processes since every change produces new knowledge and every
new knowledge requires new paradigms affecting existing models, processes and procedures.

WHY COBIT-5?

The answer to the question is important in understanding of differences of COBIT-5. It is because

that it provides more stakeholders a say at the governance and management processes, addresses the
increasing dependency on external business and IT parties, deals with the amount of information,
which has increased significantly, deals with much more pervasive IT, provides further guidance in
the area of innovation and emerging technologies and requires less about audit and more about
governance.
Since COBIT-5 is a result of change management at the common body of knowledge which is
constantly being revised and reproduced by ISACA according to requirements of the time passing in
which approaches, methodologies, terminologies, paradigms and mindsets take sway for a better
pace and place in peace.

INNOVATION AS PADARIGM SHIFH IN IT GOVERNANCE MINDSET

According to the theory of "paradigm shift" which was developed by Thomas KUHN, (Kuhn: 1962:
10) the scientific advancements are not evolutionary, but rather a "series of peaceful interludes
punctuated by intellectually violent revolutions", and in those revolutions "one conceptual world
view is replaced by another". Kuhn said that "awareness is prerequisite to all acceptable changes of
theory (Kuhn: 1962: 67) that all begins in the mind of human beings according to what is perceived,
if normal or abnormal, consciously or unconsciously. That is why we have chosen the “mindset”
which is crucial in the innovation process as a paradigm shift.
At the conjunction of paradigm shift of traditional management to postmodern flexible and proactive
management there may be a solution for eliminating the languish of governance and traditional
problems such as lack of coherence in public policies; inconveniency of IT bases; failure of big MIS
and ERP projects; increasing need to attract concerns towards continuous development of
participation and collaboration by using new, cutting edge ICT; and concerns for reducing digital
divide.
According to ISACA, COBIT-5 is the only business framework for the governance and management
of enterprise IT in which it incorporates the latest novel thinking in enterprise governance and
management techniques, and provides globally accepted principles, practices, analytical tools,
approaches and models to help increase the trust in, and value from IT. COBIT-5 builds, expands
and surpasses on COBIT 4.1 by integrating other major frameworks, standards and resources,
including ISACA’s Val-IT and Risk-IT, Information Technology Infrastructure Library (ITIL) and
related global standards from the International Organization for Standardization (ISO).
Figure 2: Governance of Enterprise IT

4
Source: ISACA:2013:13.
The changes are reflected in the COBIT development life cycle can be seen as results of paradigm
shifts triggered by changing environment as the time passed from 1996 to 2012 in which period both
a paradigmatic shift and different but incrementing conceptual approaches are seen as innovative
such as audit, control, management, IT Governance and Governance of EnterpriseIT.

BASIC PRINCIPLES OF COBIT-5

COBIT-5 is founded on 5 key principles for governance and management of enterprise IT. These
principles bring a systematic approach to tackle with organizational capacity building in the
changing environment as a priori to innovative management mindset.
Figure 3: COBIT-5 Principles

Source: ISACA: Implementation: 2012:16.

5
 1. Meeting Stakeholder Needs
Every organization has stakeholders and has to be run according to their needs and priorities. This
principle in the management mindset gives an organizational vision of raison d’etre which has to
exist for each organization no matter how much complicated or public-private. As public bodies at
regional level, the DAs exist to produce value for stakeholders at local level by making a sustainable
balance between the realization of benefits and optimization of risk and of resource usages. COBIT-
5 may provide required processes and enablers to reproduce continuous business adding value by the
use of governance of enterprise IT.
Figure 4: Relationship of stakeholder needs with GEIT and adding value.

Source: EFE: COBIT-5:2013:7.

As is shown in the figure above, all stakeholders need adding value which can be provided by means
of benefits realization, risk optimization and resource optimization clauses as the governance of
enterprise IT level increases. This is quintessence of COBIT-5 in this point that the more GEIT the
more adding value by the drive of stakeholders needs which also provides alignment of benefits
realization, resource optimization and risk optimization of enterprise.
In the case of DAs, stakeholders are manifold such as the potential beneficiary to funding programs,
the project beneficiaries, potential entrepreneurs, investors, local government bodies, the Ministry of
Development (MoD), municipalities, NGOs, local governors, staff members and also service
providers or outsourcers. These different groups have different interests and needs. Since every
organization has different strategic objectives, and DAs may customize COBIT-5 to suit their unique
case by the goals cascade, mirroring high-level organizational goals into reasonable, specific,
manageable IT goals and depicting these into specific main and sub-processes and practices such as
the ones embedded into region plans and strategic plans.
Development Council is a consultative body established to ‘’enhance the cooperation among public
institutions, private sector, non-governmental organizations, universities and local governments in

6
the region and to direct/guide the agency’’ (Art. 8 of the Law 5449). The Development Council
consists of 100 representatives of the provinces. These include public sector representatives, civil
society and private sector representatives. The Decrees on Establishment provide detailed number of
representations from each region.
Stakeholder needs have to be translated into actionable stages both at regional plans and support
programs developed by DAs. The COBIT-5 goals cascade in the mechanism to mirror stakeholder
needs into specific, conceivable, actionable and customized organizational goals, IT goals and
enabler goals. This conversion allows setting sequential specific goals at levels and in every domain
of DAs in support of the overall objectives and stakeholder requirements, and thus effectively
supports alignment between DAs’ needs and IT services. Despite of the fact that the needs of
stakeholders are included in the structure of DAs at the conceptual stage satisfactorily however, the
implementations that provide definitions, analysis and management of needs of stakeholders are
missing to the extent that DAs are meeting with development board just once a year since it is a
requirement of the Act ’Law on Establishment and Duties of Development Agencies’’ (Law No.
5449, published in the National Gazette on 08.02.2006).

2. Covering the Enterprise End-to-End

IT cannot be separated from business functionalities and not be standalone unique asset. Since IT
tools, techniques, gadgets and objectives are pervasive and imperative for all business
functionalities, COBIT-5 tries to integrate governance of enterprise IT into concept of enterprise
governance. It tries to cover all functionalities, departments and processes and sub-processes within
organizations. COBIT-5 does not only revolve around on the IT-related functions, but take into
consideration information, knowledge and IT as organizational assets and values that need to be
taken into account just like any other asset by staff member of organization such as physical and
human capital.
To have an effective governance and management system, COBIT-5 perceives IT governance and
management enablers to be organizational wide and end-to-end, that is pervasive of everyone and
everything no matter how much they are external or internal, which is pertinent to governance and
management both technical and administrative. Apart from staff members of DAs every person from
development boards or administrative board should be included in the knowledge and change
management of DAs.
In the governance and management system of DAs there needs to be a change of strategic mind set
to accept enablers as the main drivers of governance and management including all business and IT
related implementations.

3. Applying a Single, Integrated Framework

There are many innovative frameworks, standards and best practices providing guidance on a subset
of business or of IT activities. COBIT-5 aligns with and integrates other relevant standards and
frameworks at their conjecture points such as of COSO, COSO ERM, ISO/IEC 9000, ISO/IEC
31000, ISO/IEC 38500, ITIL, ISO/IEC 27000 series, TOGAF, PMBOK/ PRINCE2, CMMI, and
thus can serve as the overarching framework for governance and enterprise IT. (ISACA, 2013:23)
In addition to using single standard, this principle can be applied to the IT frameworks and systems

7
such as the systems that can work consistently and coherently intertwined and interconnected with
single sign on entry and so on. By integrating all functionalities of other standards COBIT-5 has
another innovative management mindset in that instead of trying to decide which frameworks or
standards to be followed COBIT-5 provides all of benefits that can be delivered by other frameworks
and standards which can be conflicting, waste of resources or redundant in case of choosing wrong
ones not in compliance with stakeholder needs, and organizational capability and objectives. For the
case of DAs, since there is no any prescribed framework by Law to be implemented DAs have the
capacity to choose and initiate whatever framework seems to be fitting to their needs.

4. Enabling a Holistic Approach

Since a system can maintain its integrity and lifecycles by collaboration of all parts being connected
altogether, cohesiveness and congruency in their entirety, excellent governance and management of
organizations require a holistic circumventing approach, paying attention to all interacting
functionalities, components and standards without missing any process or department. Therefore
COBIT-5 tries to set principles and enablers in supporting the implementation of a pervasive
governance and management system for an organization. Seven categories of enablers are very
broadly defined as anything that may help achieve the objectives of DAs such as triggering local
potentialities of all sectors, enhancing knowledge accumulation and alleviation of administrative
procedures that are needed for investment initiations etc.

5. Separating Governance From Management

One of the most importance characteristic of COBIT-5 is the separation of the concepts of
management from governance. As governance should ensure that stakeholder needs, conditions,
priorities and options are taken into account, evaluated to define organizational objectives are
achieved; giving direction by prioritization in decision making; and monitoring activities and testing
compliance against given directions and objectives (EDM), management plans, builds, runs and
monitors activities in alignment with the direction set by the governance body to achieve the
organizational objectives (PBRM). The administrative board and Development Council of DAs are
mainly concerned with governance while the secretary general and internal departments are
fundamentally engaged in management processes. However in the case of DAs the management also
manages, report and monitor the processes of governance on behalf of the boards since the
governance actors do not possess any permanent and unique separate office or staff.
Figure 5: Governance and Management Key Areas

8
Source: ISACA: A Business Framework:2012:32.
The governance structure is run by development board and administrative board while technical
management is processed by office of secretary general, internal departments and investment
support offices. According to regulations and related Law, under the process of “Plan” depicted
above in the figure-5, the content aspects of regional plans and corporate strategic plans are being
provided by governance mechanism while technical aspect of regional plans and corporate strategic
plans such as design, coordination and publication are provided by management at the case of DAs.
Therefore at this point there is a contradiction between COBIT-5 principle and implementation of
DAs.

MAIN ENABLERS OF COBIT-5

The COBIT-5 framework defines seven categories of the enablers:
Figure 6: CobIT-5 Enablers

Source: ISACA: A Business Framework: 2012:27.

1. Principles, policies and frameworks:

Principles, policies and frameworks are the vehicle to mirror and transport the desired best behaviors
into actionable practical guidance for daily management of operations. Although for DAs these

9
principles, policies and frameworks are mainly defined by regulations, guides and related
legislation, they do not seem to have capability to provide desired actions in implementations of
DAs since they are rigid, detailed, and bureaucratic and tailored according to centralistic point of
view not so flexible that can be altered and fixed easily by local stakeholders. As was mentioned
above the framework or any standard is missing for DAs and while principles and policies are
provided by Ministry of Development (MoD) as a one size fits all approach which does not comply
with this enabler requirement.

2. Processes:
Processes and work flows describe a set of practices and activities to achieve certain desired
objectives and produce a set of outputs in support of achieving overall IT-related goals. Existence of
the processes and work flows are one of the requirements of financial credibility of DAs at the
foundational stage however these should be current and not outdated. Manuals of Procedures, which
are in Turkish language, are insufficiently developed, missing comprehensive audit trails for each
relevant process and sub-process. However setting of processes flows, work diagrams and
descriptions can be seen as a burden because of difficulties seen as to update of as-is processes for
to-be ones.

3. Organizational structures:
Organizational structures are the key decision-making entities in an enterprise. Segregation of
duties, separation of authorities and departments are key issues for a viable and accountable
organizational structure which is basically predefined by regulations and related legislations to some
extend for DAs. The organizational structure of DAs should undergo a redefinition of roles and
responsibilities in order provide a basis for effective segregation of management and governance
functions and processes.

4. Culture, ethics and behavior:

Culture, ethics, moral values, religion, attitude and behavior of individuals and of the organization
and of stakeholders are very often underestimated as a success factor in governance and
management activities. Without involvement of people and adherence of organizational values and
commitment to professional attitudes governance and management activities sooner or later will not
be fruitful. Codes of conduct or ethics are key issues for development of corporate culture.
Organizational culture and ethics should be in line with the area and local partners in order to
provide synergy, organizational learning and collaboration.

5. Information:
Information is required for keeping the organization running and well governed, but at the
operational level, information, knowledge and strategic business wisdom are the key product of the
enterprise itself. Effective way and utilization of information and communication activities are vital
both for management success and for control awareness including risk averseness. Therefore flow of
required information smoothly with integrity across departments and with stakeholders and also

10
organizational knowledge reproduction and its management is the key for implementation of
COBIT-5.

6. Services, infrastructure and applications:

Services, IT infrastructure and applications include IT and applications that provide the organization
with IT processing and services and should be tailored to business needs and aligned with
organizational strategies. DAs have required resources to provide services, infrastructure and other
applications by insourcing or outsourcing.

7. People, skills and competencies:

These are required for successful accomplishment of all activities, and for making reasonable
decisions and taking corrective, detective and preventive actions. Without appropriate human capital
planning and HR management designed for competent employees, it is difficult for enterprises to
survive in competing markets and changing global environment. Human resource is the
preconditions that prevail for all functionalities and goals.

CONCLUSION
To sum up, as a result of paradigm shift of innovative COBIT-5 framework which dismisses any
requirement for other frameworks and standards requires a quantum leap in changing management
mindset in addition to a comprehensive and dynamic business process reengineering of all business
or IT related processes in line with business and IT functions and strategies, capability, resources
and governance requirements.
As being a comprehensive and resilient framework integrating and merging all of the functional
faculties of different systems and frameworks the COBIT-5 seems to be able to promote the level of
the service required for DAs since it covers all viable principles required and powerful enablers.
Implementing COBIT-5 is not only based on the management decision making but also devotion and
commitment that require paradigm shifts from traditional management to post-modern proactive
management that is a comprehensive organizational, procedural, structural business and IT
alignment. In the Ankara Development Agency as a preliminary initiation towards innovative
implementations that would prepare a basis digesting COBIT-5, the Annual Internal Audit Report for
the year 2012 is the first document for this cause which requires commitment and determination by
all parts concerned in this process.
As this study is an introductory one that introduces innovational aspects of COBIT-5 as per DAs,
more and more theoretical, empirical and action researches are necessary to have a full
understanding of common body of knowledge.

BIBLIYOGRAFYA
EFE, Ahmet, (2013), “Annual Internal Audit Report for 2012”, Ankara Development Agency,
available for internal services only, Ankara.

11
EFE, Ahmet, (2013), “Cobit-5 Framework as a Model for the Regional Development Agencies in
Turkey”,https://www.academia.edu/attachments/33128007/download_file?
st=MTQwMzYwMzI1OSwyMTIuMTc1LjM0LjE3MCw5NzA2MjAy&s=sidebar&ct=MTQwMzYwMz
E5OSw5NzA2MjAy
ISACA (2012), “COBIT-5 A business framework for the governance and management of enterprise
IT”, ISBN 978-1-60420-237-3, USA
ISACA (2012), “COBIT-5 Implementation”, ISBN 978-1-60420-238-0, USA
ISACA (2012), “COBIT-5 Enabling processes”, ISBN 978-1-60420-239-7, USA
ISACA (2013),”COBIT-5-Introduction”, http://www.isaca.org/COBIT/Pages/default.aspx
[07.04.2013 Accessed]
Kuhn, Thomas, (1962) "The Structure of Scientific Revolutions", Second Edition, University of
Chicago Press, USA.
Torres, Lourdes; Pina, Vicente; Acerete, Basilio. (2006), E-Governance Developments in European
Union Cities: Reshaping Government’s Relationship with Citizens, Journal of Governance. Apr, Vol.
19 Issue 2, p277-302. 26p
Wikipedia (2013), Netizen, http://en.wikipedia.org/wiki/Netizen [07.04.2013 Accessed]
Wikipedia (2013), E-Governance, http://en.wikipedia.org/wiki/E-Governance [07.04.2013
Accessed]

12