See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/46016733

IT Governance and Organizational Transformation: Findings From an Action

Research Study

Conference Paper · August 2010

CITATION READS

1 118

1 author:

Boris Otto
Technische Universität Dortmund
204 PUBLICATIONS   2,248 CITATIONS   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

FlexiNet View project

Digital Life Journey View project

All content following this page was uploaded by Boris Otto on 22 November 2014.

The user has requested enhancement of the downloaded file.

Association for Information Systems
AIS Electronic Library (AISeL)
Americas Conference on Information Systems
AMCIS 2010 Proceedings
(AMCIS)

8-1-2010

IT Governance and Organizational

Transformation: Findings From an Action
Research Study
Boris Otto
University of St. Gallen, boris.otto@unisg.ch

Follow this and additional works at: http://aisel.aisnet.org/amcis2010

Recommended Citation
Otto, Boris, "IT Governance and Organizational Transformation: Findings From an Action Research Study" (2010). AMCIS 2010
Proceedings. Paper 421.
http://aisel.aisnet.org/amcis2010/421

This material is brought to you by the Americas Conference on Information Systems (AMCIS) at AIS Electronic Library (AISeL). It has been accepted
for inclusion in AMCIS 2010 Proceedings by an authorized administrator of AIS Electronic Library (AISeL). For more information, please contact
elibrary@aisnet.org.
Otto IT Governance and Organizational Transformation

IT Governance and Organizational Transformation:

Findings From an Action Research Study

Boris Otto
University of St. Gallen
Institute of Information Management
Boris.Otto@unisg.ch

ABSTRACT
IT Governance is supposed to ensure the value contribution of an organization’s IT to its overall business strategy. Due to
various contingency factors, such as organizational structure or company size, models for IT Governance cannot be off-the-
shelf solutions, but have to be designed for each company individually. While there have been numerous scientific
contributions dealing with the way and extent contingency factors affect organizations’ IT, only limited research is available
investigating the impact of organizational transformation on the establishment of specific IT Governance models. Against
this background, the paper at hand reports on the findings from an action research study conducted at “Cerveza & Refrescos“,
a Latin American producer and distributor of beverages.
Keywords
IT Governance, Organizational Transformation, Contingencies, Action Research
INTRODUCTION
Motivation
Governance issues have become a critical factor for companies in recent years. The growing number of regulatory and legal
provisions plus highly publicized cases of company mismanagement have moved Corporate Governance into the focus of
public interest (OECD, 2004). Facing the need for organization wide establishment of standards, companies have identified
the importance of governance also when it comes to deploying and using information technology (IT)
(PricewaterhouseCoopers, 2006). In parallel, the impact of companies’ IT management on their capability of doing business
has become stronger (Symons, 2005). IT Governance increasingly has become an instrument to align IT strategies with
overall business strategies (Boynton, Jacobs and Zmud, 1992; Ross, 2003). As a consequence, companies are not looking for
off-the-shelf solutions but for tailor-made IT Governance models (Symons, 2005; Weill and Ross, 2005).
IT Governance refers to a number of functional areas companies have to deal with, such as IT infrastructure, IT architecture,
special requirements on IT applications, and IT related investments (Sambamurthy and Zmud, 1999; Weill et al., 2005).
Standards and best practices were developed to design and manage these functional areas, e.g. IT Infrastructure Library
(ITIL) for IT services management (OGC, 2006) and CobiT (Control Objectives for Information and Related Technology)
(Curtis, Colville, Haight and Brittain, 2005). There is broad consensus among researchers and practitioners as to what are the
factors that are relevant when it comes to developing models for IT Governance. It is a company’s organizational structure,
size, experience with regard to governance issues, and business strategy that IT Governance is contingent on (Brown and
Grant, 2005; Gordon and Gordon, 2002; Weill et al., 2005). However, what has been almost neglected so far is the question
as to how organizational transformation affects the development and establishment of an IT Governance model. In other
words: Is organizational transformation a contingency factor to IT Governance? The question becomes even more important
considering the fact that businesses more often than not are characterized by being subject to change, e.g. as a response to
business drivers such as global market presence or short innovation cycles.
Research Question and Approach
The paper at hand reports on an action research study dealing with the establishment of an IT Governance model in a
company which is in a process of organizational transformation. By the time the underlying study was conducted, Latin
American Cerveza & Refrescos was among the ten largest producers and distributors of beverages in the world. The paper
addresses the question whether an ongoing organizational transformation affects the establishment of IT Governance, i.e.
whether it is a contingency factor for the latter.

Proceedings of the Sixteenth Americas Conference on Information Systems, Lima, Peru, August 12-15, 2010. 1
Otto IT Governance and Organizational Transformation

In 2006, Cerveza & Refrescos had a turnover of more 10 billion US $ and was a supplier of some 2 million retailers and 200
million end consumers. Cerveza & Refrescos consists of three business lines (soft drinks, beer, retail), which used to be
managed independently from one another and which are head-quartered in two different locations. Following a strategy of
continuous acquisition, the company management’s goal has been to achieve double-digit turnover growth rates per year. To
achieve this goal, the company management decided in favor of a change in its operating model, mainly referring to the
business lines which are now supposed to increasingly generate synergy effects through the integration of support functions.
The organizational transformation also affected the company’s IT, which also used to be managed on a decentral basis by the
individual business lines. In 2005, the company management decided to establish a company-wide IT Governance model to
support IT integration.
The study approach follows the principles of action research, which basically is a form of field research (Heinrich, Heinzl and
Roithmayr, 2007), with the researcher supporting the company to be examined in its problem solving efforts (Baskerville and
Wood-Harper, 1996). In information systems (IS) research, action research is often taken advantage of when it comes to
implementing information systems or evaluating artifacts (Frank, 1998). The overall aim is to solve practical problems and
promote scientific progress at the same time (Hult and Lennung, 1980). In general, an action research study consists of five
phases: diagnosis, planning, action, evaluation, and documentation (Susman and Evered, 1978). The project reported in this
paper was conducted from April to September, 2006. The principles of canonical action research (Davison, Martinsons and
Kock, 2004) were met:
• Agreement between researcher and client: In April, 2006, a written agreement on the development of a model for IT
Governance was signed, specifying a timetable and a process plan as well as the roles of researchers and company
representatives and the contributions to be made by them.
• Iterative process model: At the beginning of the project, an iterative process model was agreed upon, specifying a three-
step development of the IT Governance model (see section “Action Planning”).
• Theoretical foundation: The first version of the IT Governance model was based on accepted standards set up by the IT
Governance Institute (IT Governance Institute, 2003). In addition, it drew upon findings from contingency theory.
• Willingness to bring about change: The willingness to improve the situation with regard to IT Governance was clearly
identifiable throughout the entire company due to an urgent need for business transformation. All actions planned were
fully supported by the company management and the staff.
• Documentation of lessons learned: From the findings from the action research study, concrete measures were deducted
which were evaluated by all decision-makers involved before final acceptance or rejection. One piece of documentation of
the lessons learned is the present article
Section “Background” of this paper outlines basic concepts in the fields of IT Governance and contingency theory. In the
third section the action research project at Cerveza & Refrescos is described. The paper concludes with a short summary and
an outlook at future work on the topic.
BACKGROUND
IT Governance
IT Governance aims at aligning a company’s IT strategy with its overall business strategy. On a “macro” level, it assigns IT
related rights and duties to a company’s interest groups (Peterson, 2004), basically to make sure information is made
available safely, reliably, efficiently, and effectively by taking advantage of appropriate technology (Korac-Kakabadse and
Kakabadse, 2001; Meyer, Zarnekow and Kolbe, 2003). On a “micro” level, this basic objective usually is concretized by
means of a reference model establishing IT departments in terms of service providing organizations based on certain
requirements. Among the most well-known models are ITIL and CobiT (Curtis et al., 2005).
Basically an IT Governance model provides an organizational manifestation of IT Governance throughout a company (Weill
et al., 2005). Such a model consists of three components: first, IT related decision areas (alignment with business strategy,
resources management, performance measuring etc.); second, the roles involved in the process (CEO, Chief Information
Officer, department managers etc.); and third, the responsibilities to be taken over by the roles (IT Governance Institute,
2003). These responsibilities can be modeled by means of competence codes, which in the case of CobiT is a notation
scheme called RACI (“R” for “responsible”, “A” for “accountable”, “C” for “consulted”, and “I” for “informed”) (IT
Governance Institute, 2005).
However, each IT Governance model has to be company specific. There have been numerous scientific efforts to investigate
the interrelatedness of specific IT Governance models and specific contingency factors (Brown, 1997; Korac-Kakabadse et

Proceedings of the Sixteenth Americas Conference on Information Systems, Lima, Peru, August 12-15, 2010. 2
Otto IT Governance and Organizational Transformation

al., 2001; Sambamurthy et al., 1999; Weill et al., 2005). The basic assumption has been that there can be no off-the-shelf IT
Governance model, since in each single case both the IT’s value contribution and the IT Governance model itself are directly
affected by company specific contingency factors.
Contingency Theory and IT
The interrelatedness of a company’s specific organizational characteristics and its performing capabilities is determined by
contingency factors. Originally, contingency theory referred to the fit of a company’s organizational structure with the
external conditions it is surrounded by (Lawrence and Lorsch, 1975). Later, contingency theory was extended by inner-
company factors, such as degree of formalization or degree of specialization (Donaldson, 2001; Keats and O'Neill, 2001;
Miller, 1992; Olson and Chervany, 1980).
There have been numerous scientific contributions dealing with applying contingency theory to companies’ IT. At the
beginning of scientific research in this field, it was mainly investigated as to what extent classical contingency factors
(competitive strategy, company size, allocation of decision power) have an impact on single areas of companies’ IT (on the
distribution of computing resources and on the effectiveness of management information systems, for example) (Ahituv,
Neumann and Zviran, 1989; Ein-Dor and Segev, 1978; Weill and Olson, 1989). At a later stage, IT as a whole was focused,
e.g. by analyzing the multiple impact of contingency factors on the interplay of business units and IT departments (Brown,
1997; Sambamurthy et al., 1999).
From these theoretical efforts integrated models for describing and designing IT Governance were developed (Brown et al.,
2005). Weill, for example, defined more roles (line managers, IT managers, business process owners etc.) and five basic
decision areas (IT related principles, IT architecture, IT infrastructure, special requirements on IT applications, and IT related
investments). By being able to assign responsibilities to roles and decision areas, a more detailed modeling of the interplay
between business units and IT departments is made possible. Based on that matrix, Weill finally identified six archetypes of
possible manifestations of IT Governance models (Weill, 2004). Other examples of recently published frameworks are the IT
Effectiveness Model (Sugumaran, 2003) and the marketing maturity model for IT (Hirschheim, Schwarz and Todd, 2006).
Consequences in the Paper Context
In practice we can find proven reference models for the design of IT Governance models. Also, we can draw upon numerous
research results for IT organization and the definition of contingency factors, such as business strategy or company size.
However, all these reference models do not tackle the issue of how the impact of contingency factors needs to be taken into
consideration when responsibilities are being assigned. CobiT, for example, acknowledges the need for IT Governance
models to be company specific. However, CobiT then proposes ready-made RACI diagrams, thereby revealing its one-size-
fits-all approach (IT Governance Institute, 2005). Besides, while business strategy has been identified as a contingency factor
for IT Governance, it has not been investigated yet - except from particular cases (Gonzalez-Mesa Hoffmann and Weill,
2004) - how an organizational transformation is actually affecting the establishment of an IT Governance model. Apart from
that, much research has been conducted analyzing the impact of IT on the performance of the organizational strategy
(Melville, Kraemer and Gurbaxani, 2004; Tavakolian, 1989; Venkatraman, 1994; Weill, 1992), but not vice-versa.
THE CERVEZA & REFRESCOS ACTION RESEARCH STUDY
Initial situation and diagnosis
Until shortly after the turn of the millennium the business strategy of Cerveza & Refrescos had been characterized by
autonomous, sparsely interacting business lines operating in local, partly different markets. However, the business strategy of
growing continually, to be realized largely by acquisitions, was requiring more intensive usage of the company’s resources.
The new business strategy set up in 2004 was aiming at becoming an integrated organization leveraging synergies and
resources on a company-wide level. The company’s integration process began with its human resources management and
financial accounting management, embracing also the IT department. The company’s IT used to be organized on a decentral
level for each business line individually. Any decisions with regard to IT architecture, IT projects, or IT related investments
were made by the business lines’ Chief Information Officers, who then had to report to the business line managers. Structures
thereby became highly heterogeneous. For example, whereas the soft drinks business line received all IT infrastructure
services from an external service provider, the beer and the retail business lines received these services from their respective
IT departments. Regarding ERP systems, the soft drinks and the beer business lines were using SAP R/3 (in varying
installations), while the retail business line was using Oracle applications.
In 2004 the company management decided to establish a shared service center for IT services (named SSC IT), initially
focusing on IT infrastructure services (i.e. network operations, support services, hardware maintenance etc.). Basically, the
company management executives had three objectives in mind:

Proceedings of the Sixteenth Americas Conference on Information Systems, Lima, Peru, August 12-15, 2010. 3
Otto IT Governance and Organizational Transformation

• Leverage economies of scale for IT infrastructure services.

• Standardize IT services as a basis for company-wide IT strategy planning.
• Minimize risk through consolidation of computing centers and establish a new computing center characterized by higher
safety standards.
The benefits this project was supposed to bring about - both with regard to monetary aspects and support of the business
strategy - were confirmed by the results of a profitability analysis. Profitability mainly was supposed to result from the
consolidation of IT infrastructure services within the SSC IT, what de facto meant to be a reintegration of the services the soft
drink business line previously had received from an external service provider. An iterative project plan was set up, which in a
first step aimed at consolidating infrastructure services of the beer and the retail business lines within the new computing
center (in 2005), and in a second step migrating IT services of the soft drinks business line (in 2006).
Apart from that, a first draft of an IT Governance model was developed by the SSC IT. It envisaged more than 130 decision
areas on IT infrastructural level, six roles (both on corporate and on business line level), and responsibilities. The decision
areas mainly addressed infrastructural aspects (e.g. data center and network services, field services, security and help desk
services), but also touched upon application management for group-wide standard software systems. However, the proposal
was not given into the internal consolidation process involving the business lines.
Shortly after the start of the SSC IT implementation project, however, some deviations from the project plan occurred:
• The migration of the soft drinks business line’s IT infrastructure services was delayed due to an SAP R/3 upgrading project
planned and started in parallel.
• Managers of the business lines and SSC IT executives had different opinions concerning both the skills and the
competencies of SSC IT staff.
• Business line managers expressed their doubts about the profitability of the SSC IT, and executives of the soft drinks
business line proposed price negotiations with the external service provider.
• More delays in the project timetable occurred due to the fact that the business lines set different priorities from the overall
company management (e.g. introduction of mobile data capturing devices for the retail business line).
A situation analysis revealed that the establishment of a company-wide IT Governance model was a precondition for the
establishment of the SSC IT - and for the organizational transformation. The IT Governance model was needed to control the
collaboration of interest groups both in the business lines and in the overall company management in order to safeguard the
new company strategy.

Cerveza & Refrescos

Suppliers Lines of Business

SSC IT

Corporate
Customers
Center

Key: in scope out of the scope of the IT Governance model

Figure 1: Organizational Scope

It became obvious that the existing draft of the IT Governance model was inadequate against the background of the
aforementioned plan deviations. The reason for this was the absence of strategic and business-related decision areas. It did
not say anything how contracts with vendors were to be negotiated, how project portfolios were to be managed, how
standards were to be set regarding the strategic use of IT. Instead, it focused on day-to-day aspects of data center and
infrastructure services only.

Proceedings of the Sixteenth Americas Conference on Information Systems, Lima, Peru, August 12-15, 2010. 4
Otto IT Governance and Organizational Transformation

Action Planning
A core team was set up to redevelop the IT Governance model and plan its realization. Members of the core team were the
author of this paper, the head of the SSC IT, and the heads of the SSC IT strategy and SSC IT operations groups. A premise
for the IT Governance model was to make use of accepted industry standards and of “best practices” from other companies.
In a first step it was agreed upon the organizational scope of the IT Governance model, comprising collaboration between the
lines of business and the corporate center, between the SSC IT and the corporate center, and between the SSC IT and the
lines of business. Collaboration with external partners was not taken into consideration during this phase of the project. The
organizational scope of the IT Governance model is illustrated in Figure 1. In a second step, the roles to be involved in the
process were identified. The list of roles included:
• From the lines of business: CIOs, the line managers of the CIOs, application managers, technology managers, and
development managers.
• Corporate center: head of all shared services (incl. SSC IT) who also held the role of the Group CIO; procurement
department; human resources management; account managers of shared services for business lines.
• SSC IT: head of SSC IT; head of SSC IT strategy; head of SSC IT operations.
Apart from that, three boards were established following recommendations of the IT Governance Institute (IT Governance
Institute, 2003) as illustrated in Figure 2.

IT Strategy Committee

„ Line Managers of the

LoB CIOs
„ Group CIO

IT Steering Committee

„ Group CIO
„ LoB CIOs
„ Head of SSC IT
„ Head of SSC IT
strategy
„ Head of SSC IT
operations

WG Applications WG Technology WG Development

„ LoB Application „ LoB Technology „ LoB Development

Managers Managers Managers
„ Head of SSC IT „ Head of SSC IT „ Head of SSC IT
strategy strategy strategy
„ Head of SSC IT „ Head of SSC IT „ Head of SSC IT
operations operations operations

Key: LoB - Line of Business; CIO - Chief Inf ormation Of f icer; SSC - Shared Services Center;
WG - Working Group.

Figure 2: Board Structure

• Members of the IT Strategy Committee were the line managers of the three divisional CIOs and the Group CIO. It was
mainly in charge of aligning the IT with the company’s business strategy.
• The IT Steering Committee consisted of the Group CIO, the CIOs from the lines of business as well as of representatives
from the SSC IT, namely the head of the SSC IT and the heads of SSC IT strategy and operations.

Proceedings of the Sixteenth Americas Conference on Information Systems, Lima, Peru, August 12-15, 2010. 5
Otto IT Governance and Organizational Transformation

• Working groups were not planned to exist permanently, but should rather be formed on a temporary basis. They covered
aspects of application management, technology and infrastructure management as well as software development.

Participation of involved organizational units at “Cerveza & Ref rescos”

Date Corporate SSC IT Retail LoB Beer LoB Sof t Drinks Results
Center LoB

22/05/06 „ Group CIO „ Head of SSC IT „ LoB CIO „ LoB CIO „ LoB CIO Scope and
„ Head of objective
Strategy agreed
„ Head of Milestone
Operations planned
agreed
03/07/06, „ LoB CIO 1st model
05/07/06 version
commented
06/07/06, „ LoB CIO 1st model
12/07/06 version
commented
11/07/06 „ LoB CIO 1st model
„ Application version
Manager commented
04/09/06 „ LoB CIO 2nd model
version
commented
05/09/06 „ LoB CIO 2nd model
„ Application version
Manager commented
06/09/06 „ LoB CIO 2nd model
version
commented
07/09/06 „ Group CIO „ Head of SSC IT „ LoB CIO „ LoB CIO „ LoB CIO 3rd model
„ Head of version
Strategy presented
„ Head of Conf lict
Operations resolution plan
approved
Key: LoB - Line of Business; CIO - Chief Inf ormation Of f icer; SSC - Shared Services Center.

Figure 3: Workshop Schedule

For the development of the IT Governance model and its mutual agreement between the different stakeholders, the following
basic procedure was agreed upon:
• Based on the state of the art and the recommendations of the IT Governance Institute (IT Governance Institute, 2003; IT
Governance Institute, 2005) the core team develops a first version of the IT Governance model. The IT Governance model
is supposed to identify decision areas and roles, and to assign responsibilities.
• In this process, contingency factors are identified, and their impact on the model will be assessed.
• The core team puts up a plan to develop a version of the IT Governance model approved by all roles.
• A meeting is held comprising all decision-makers (CIOs from the business lines, head of shared services, core team), in
which the IT Governance model and the project plan are evaluated and modified, if need be.

Proceedings of the Sixteenth Americas Conference on Information Systems, Lima, Peru, August 12-15, 2010. 6
Otto IT Governance and Organizational Transformation

• The first version of the IT Governance model is evaluated in individual meetings with each CIO. Conflicting interests,
views and opinions as well as propositions for modification will be documented.
• Based on the first evaluation cycle, the core team develops a second version of the IT Governance model and document all
conflicting interests, views and opinions.
• In a second evaluation cycle, both the IT Governance model and the conflicts that could be identified are presented to each
CIO. The results will be discussed and possible solutions of the conflicts are elaborated.
• The core team develops a third version of the IT Governance model plus possible solutions of the conflicts, which are
presented to all decision-makers in an overall meeting and put on the table for final approval
The procedure outlined here was based on the assumption that all decision-makers involved would actively participate in the
process, which is, in general, considered as critical for the establishment of an IT Governance model (Rau, 2004).
Action Taking and Evaluation
The action research study was conducted from May to September, 2006. Figure 3 shows the workshop timetable including
participants from various organizational units and major results. The foundation for the action taking phase was a workshop
series consisting of both plenary workshops with all involved stakeholders and so-called “one on one” workshops with the
different lines of business.

Strategic decision areas

Strategic alignment
Alignment with business
strategy
Requirements analysis
SSC IT strategic plan
Portf olio planning
Business model Organizational development
Service catalog and SLA Standards and rules
Best practices IT governance processes
Strategic supplier HR development
management
Price and cost model Board structure
Risk management Organizational change
management

Operational decision areas

Inf rastructure planning Data center operations Network operations
Help desk operations Field services Security management
Project management Application management

Figure 4: Decision Areas Covered by the IT Governance Model

The first version of the IT Governance model was the starting point for the first evaluation cycle conducted in July 2006. In
various full-day sessions, the status of the IT Governance model was presented to the divisional CIOs. The author of this
paper walked them through the different decision areas and the proposed allocation of responsibilities. The model was
discussed and comments from the CIOs recorded. On the completion of the first evaluation cycle, the author of this paper had
a list of feedback comments on the first version of the IT Governance model. The core team took up on the list when
developing the second model version incorporating the comments into the model. The core team encountered that the
majority of comments could easily be reflected in the model. However, a number of comments led to conflicts. Those were
recorded by the core team for later resolution by the IT Steering Committee.
The same methodology was applied during the second evaluation cycle which took place in September 2006 and led to the
third version of the IT Governance model.
The latter comprised both strategic decision areas and operative decision areas, with the latter having a clear focus on IT
infrastructure services. In fact, the operative decision areas demonstrated many similarities to the draft version of the IT
Governance model. With regard to strategic decision areas, three main blocks were defined: Strategic Direction, SSC IT
Business Model, and Organizational Development. The fact that both overall decision areas and subordinate tasks differ from

Proceedings of the Sixteenth Americas Conference on Information Systems, Lima, Peru, August 12-15, 2010. 7
Otto IT Governance and Organizational Transformation

the recommendations of the IT Governance Institute is due to continuous extension and refinement of the model. In total, the
IT Governance model comprises 219 tasks, of which 20 belong to Strategic Direction, 72 belong to Business Model, 16
belong to Organizational Development, and 111 belong to the operative decision areas (see Figure 4).

Notation

is represented by

Responsibility

Strategic Single Role

Decision Area Role

is assigned to

Operational Board

Figure 5: Structure of the IT Governance Model

Apart from that, the IT Governance model assigned the involved roles to the decision areas through the allocation of different
participatory responsibility types based on the RACI notation. The overall structure of the IT Governance model is illustrated
in Figure 5.
The model reflected the aforementioned premise since it is a combination of existing standards. It used recommendations of
the IT Governance Institute with regard to “management-related arenas” (IT Governance Institute, 2003) such as strategic
alignment, risk and resource management. Apart from that, it adopted the RACI notation included in CobiT (IT Governance
Institute, 2005) and used recommendations on service management proposed by ITIL (OGC, 2006).
As outlined above, the two evaluation cycles disclosed a number of conflicts which hindered the final elaboration of the IT
Governance model. Among the most prominent conflicts that could be identified during the model’s development and
evaluation were the following:
• No common understanding of the role to be filled by the SSC IT: The perception of the SSC IT as a means of the
company’s organizational transformation and integration process differed widely between the various lines of business.
Whilst the soft drink division considered the SSC IT merely as provider of IT infrastructure services the beer division was
expecting the identification and evaluation of strategic innovation potentials through the use of IT by the SSC IT. The
resolution of the different understanding was even complicated, since there was missing an executive directive detailed
enough to be referred to in this process.
• Diverging expectations regarding the scope of services to be provided by the SSC IT: It was not clear what services were to
be offered by the SSC IT and to be consumed by the lines of business. Whilst the soft drinks division was expecting pure
infrastructure services (such as database and e-mail operations), the beer division was evaluating the transfer of the
application management for the ERP systems to the SSC IT. Apart from that, no common understanding was reached
regarding the maintenance of basic technologies such as SAP NetWeaver.
• No trust in SLAs by the CIOs, but fear of losing power: All divisional CIOs were aware of the fact that the ongoing
business transformation would have an impact on the way IT was organized within Cerveza & Refrescos. However, the
vision for the new situation was not communicated sufficiently, the divisional CIOs reacted with a concern of losing
power.
• Unsolved field services strategy from one source covering all markets served: It turned out that the SSC IT was able to
deliver field services (such as hardware repair) covering the local markets of the beer and retail division only. The
international markets of the soft drink division could not be served which impeded a single source strategy for field
services.

Proceedings of the Sixteenth Americas Conference on Information Systems, Lima, Peru, August 12-15, 2010. 8
Otto IT Governance and Organizational Transformation

• Diverging views regarding decisions to be made in the boards (unanimous vote vs. majority vote; right to veto).
Learnings
The development, evaluation and refinement of the IT Governance model at Cerveza & Refrescos led to the following
findings:
• Due to the ongoing organizational transformation at Cerveza & Refrescos, not all business lines were fully aware of the
service oriented role of the SSC IT. This led to conflicting views regarding the scope of services to be rendered by the SSC
IT what called for incorporating “management-related” decision areas in the IT Governance model. This was needed
despite of the fact that the scope of the initial version drafted by the SSC IT was formally in line with its mission.
• The organizational transformation was also reflected the way how responsibilities were designed and assigned. Being
skeptical about the new situation, many CIOs quite too frequently chose to assign “A”s and “C”s (of the RACI notation)
even to operative tasks (which would have led to excessive bureaucratic effort), although it was agreed that the IT
Governance model be continuously refined and that decision power and veto power be increasingly shifted to the boards or
the SSC IT itself. This behavior is typical in times of changes (Elrod II and Tippett, 2002) and underpins the suggestion of
IT Governance being contingent on organizational transformation.
• The IT Governance model served as a “common language” with regard to IT services in general. As all actors involved had
different notions of services, technical terms, and outcomes, the number of subordinate tasks to be defined finally got quite
high, which obviously was the result of the attempt to avoid the danger of misinterpretations by going very much into
detail. In this sense, the IT Governance model became an instrument for the advancement of the organizational
transformation.
• The promotion of organizational integration resulted in decision processes characterized by a high degree of cooperation.
For example, the common practice of assigning only one “A” for each task was dismissed. The IT Governance model
allowed assigning “A” values both to boards and to individual roles. By this it is possible to model unanimity, as both the
board and all roles involved have to give their assent to a proposition.
SUMMARY AND OUTLOOK
The paper at hand reports on the findings from an action research study investigating the affect of organizational
transformation on the establishment of an IT Governance model at Cerveza & Refrescos, a Latin American producer and
distributor of beverages. The paper aims at closing a gap identified in IT Governance research, stating that reference models
and contingency theories hardly reflect on how the establishment of IT Governance models is affected by ongoing
organizational transformation processes.
The findings from our research suggest that the establishment of an IT Governance model is contingent on organizational
transformation. Further research on this topic will be necessary to confirm our findings, particularly in terms of verifying or
falsifying the impact of organizational transformation as a contingency factor. Substantial contribution to the scientific body
of knowledge might come from multiple case studies on the topic.
REFERENCES
1. Ahituv, N., Neumann, S. and Zviran, M. (1989) Factors Affecting the Policy for Distributing Computing Resources, MIS
Quarterly, 13, 4, 389-401.
2. Baskerville, R. L. and Wood-Harper, A. T. (1996) A Critical Perspective on Action Research as a Method for
Information Systems Research, Journal of Information Technology, 11, 3, 235-246.
3. Boynton, A. C., Jacobs, G. C. and Zmud, R. W. (1992) Whose Responsibility is IT Management?, Sloan Management
Review, 33, 4, 7.
4. Brown, A. E. and Grant, G. G. (2005) Framing the Frameworks: A Review of IT Governance Research,
Communications of the Association for Information Systems, 15, May, 696-712.
5. Brown, C. V. (1997) Examining the Emergence of Hybrid IS Governance Solutions: Evidence from a Single Case Site,
Information Systems Research, 8, 1, 69-94.
6. Curtis, D., Colville, R. J., Haight, C. and Brittain, K. (2005) Use and Awareness of ITIL Is Increasing, Gartner,
Stamford.
7. Davison, R. M., Martinsons, M. G. and Kock, N. (2004) Principles of canonical action research, Information Systems
Journal, 14, 1, 65-86.

Proceedings of the Sixteenth Americas Conference on Information Systems, Lima, Peru, August 12-15, 2010. 9
Otto IT Governance and Organizational Transformation

8. Donaldson, L. (2001) The Contingency Theory of Organizations Sage Publications, Thousand Oaks, CA, USA.
9. Ein-Dor, P. and Segev, E. (1978) Organizational Context and the Success of Management Information Systems,
Management Science, 24, 10, 1064-1077.
10. Elrod II, P. D. and Tippett, D. D. (2002) The "death valley" of change, Journal of Organizational Change Management,
15, 3, 273-291.
11. Frank, U. (1998) Aktionsforschung in der WI – Einsatzpotentiale und -probleme, in: Wirtschaftsinformatik und
Wissenschaftstheorie. Grundpositionen und Theoriekerne, R. Schütte, J. Siedentopf and S. Zelewski (Eds.), Universität
Essen, Essen.
12. Gonzalez-Mesa Hoffmann, F. and Weill, P. (2004) Banknorth: Designing IT Governance for a Growth-Oriented
Business Environment, MIT Center for Information Systems Research, Cambridge, MA.
13. Gordon, J. R. and Gordon, S. R. (2002) Organizational options for resolving the tension between IT departments and
business units in the delivery of IT services, Information Technology & People, 15, 4, 286-305.
14. Heinrich, L. J., Heinzl, A. and Roithmayr, F. (2007) Wirtschaftsinformatik: Einführung und Grundlegung Oldenbourg,
München.
15. Hirschheim, R., Schwarz, A. and Todd, P. (2006) A marketing maturity model for IT: Building a customer-centric IT
organization, IBM Systems Journal, 45, 1, 181-199.
16. Hult, M. and Lennung, S.-A. (1980) Towards a Definition of Action Research: A Note and a Bibliography, Journal of
Management Studies, 17, 2, 241-250.
17. IT Governance Institute (2003) Board Briefing on IT Governance, 2nd Ed., IT Governance Institute, Rolling
Meadows/IL.
18. IT Governance Institute (2005) CobiT 4.0: Control Objectives, Management Guidelines, Maturity Models, IT
Governance Institut, Rolling Meadows/IL.
19. Keats, B. and O'Neill, H. M. (2001) Organizational Structure: Looking through a strategy lens, in: The Blackwell
Handbook of Strategic Management, M.A. Hitt, R.E. Freeman and J.S. Harrison (Eds.), Blackwell Publishing, 520-542.
20. Korac-Kakabadse, N. and Kakabadse, A. (2001) IS/IT governance: need for an integrated model, Corporate Governance,
1, 4, 9-11.
21. Lawrence, P. R. and Lorsch, J. W. (1975) Organization and Environment, (12th ed.) Irwin, Homewood.
22. Melville, N., Kraemer, K. and Gurbaxani, V. (2004) Review: Information Technology and Organizational Performance:
An Integrative Model of IT Business Value, MIS Quarterly, 28, 2, 283-322.
23. Meyer, M., Zarnekow, R. and Kolbe, L. (2003) IT-Governance - Begriff, Status Quo und Bedeutung,
Wirtschaftsinformatik, 45, 4, 445-448.
24. Miller, D. (1992) Environmental Fit versus Internal Fit, Organization Science, 3, 2, 159-178.
25. OECD (2004) OECD Principles of Corporate Governance, OECD Publications Service, Paris.
26. OGC (2006) OGC - IT Infrastructure Library (ITIL), Office of Government Commerce, London.
27. Olson, M. H. and Chervany, N. L. (1980) The Relationship Between Organizational Characteristics and the Structure of
the Information Services Function, MIS Quarterly, 4, 2, 57-68.
28. Peterson, R. (2004) Crafting Information Technology Governance, Information Systems Management, 21, 4, 7-22.
29. PricewaterhouseCoopers (2006) IT Governance in Practice - Insight from leading CIOs, Johannesburg.
30. Rau, K. G. (2004) Effective Governance of IT: Design Objectives, Roles, and Relationships, Information Systems
Management, 21, 4, 35-42.
31. Ross, J. W. (2003) Creating a Strategic IT Architecture Competency: Learning in Stages, MIS Quarterly Executive, 2, 1,
31-43.
32. Sambamurthy, V. and Zmud, R. W. (1999) Arrangements for Information Technology Governance: A Theory of
Multiple Contingencies, MIS Quarterly, 23, 2, 261-290.
33. Sugumaran, V. A., Bernard (2003) Measuring IT performance: "Contingency" variables and value modes, The Journal of
Computer Information Systems, 44, 2, 79-86.

Proceedings of the Sixteenth Americas Conference on Information Systems, Lima, Peru, August 12-15, 2010. 10
 Otto IT Governance and Organizational Transformation

34. Susman, G. I. and Evered, R. D. (1978) An Assessment of the Scientific Merits of Action Research, Administrative
Science Quarterly, 23, 4, 582-603.
35. Symons, C. (2005) IT Governance Survey Results, Forrester Research, Cambridge.
36. Tavakolian, H. (1989) Linking the Information Technology Structure With Organizational Competitive Strategy: A
Survey., MIS Quarterly, 13, 3, 308-318.
37. Venkatraman, N. (1994) IT-Enabled Business Transformation: From Automation to Business Scope Redefinition, MIT
Sloan Management Review, 35, 2, 73-87.
38. Weill, P. (1992) The Relationship Between Investment in Information Technology and Firm Performance: A Study of
the Valve Manufacturing Sector, Information Systems Research, 3, 4, 307-333.
39. Weill, P. (2004) Don't just lead, govern: How top-performing firms govern IT, MIS Quarterly Executive, 3, 1, 1-17.
40. Weill, P. and Olson, M. H. (1989) An Assessment of the Contingency Theory of Management Information Systems,
Journal of Management Information Systems, Spring 1996, 6, 1, 59-85.
41. Weill, P. and Ross, J. W. (2005) A Matrixed Approach to Designing IT Governance, MIT Sloan Management Review,
46, 2, 25-34.

Proceedings of the Sixteenth Americas Conference on Information Systems, Lima, Peru, August 12-15, 2010. 11

View publication stats