IT Governance Practices in Commercial Banks in Ethiopia

Abstract

In this study, there were two main objectives. Identifying the IT Governance practices in Ethiopian commercial banks was the first step. Further, it set out to explore the challenges Ethiopian Commercial Banks confront when implementing IT Governance. The goal was to look at Ethiopian commercial banks' IT governance practices. Commercial banks in Ethiopia were the focus of the investigation. A questionnaire was used to gather primary data from 52 respondents from commercial banks. Directors, managers, and senior officers responsible in IT strategy design and implementation were among those who responded. The commercial banks were identified using data from the Ethiopian National Bank (NBE).

The majority of the banks where the data was gathered had been in business for more than twenty years. The other two banks (OIB and CBO) have also been above a decade. There was evidence that a large number of respondents had adequate IT experience. The strategy committee meets quarterly to discuss how to implement and design appropriate IT governance strategy processes. As a result of the conclusions of the study, it is suggested that banks place a greater emphasis on IT governance. To strengthen IT governance processes in Ethiopian commercial banks, the role of NBE in the process needs to be examined. Commercial banks should serve as role models for other businesses in terms of implementing and adhering to standard IT processes that are compliant with IT governance.

Given the restrictions discovered, the study concluded that an effective IT governance approach is a function of numerous factors. As the major controller of both commercial banks, the National Bank must ensure that its machinery has the best processes in place to ensure that IT governance becomes a central driver for achieving IT business strategy alignment, risk management, and value delivery from massive ICT investments. To ensure compliance and wise use of the strategies in place, every officer with a responsibility for the IT governance process must be well-equipped with the necessary skills and knowledge. The IT governance process has confirmed that policy implementation, budget execution, planning, and the resource allocation function are all critical outcomes.

 

Keywords: Information Technology (IT), Information Technology Governance (ITG), IT-Business alignment, banking sector

 

 

Table of Contents

Acknowledgements.................................................................................................................................................................... i

Abstract.......................................................................................................................................................................................... ii

Table of Contents..................................................................................................................................................................... iii

List of Tables............................................................................................................................................................................... vi

List of Figures............................................................................................................................................................................ vii

List of Abbreviations............................................................................................................................................................ viii

CHAPTER ONE................................................................................................................................................................................... 1

1.      INTRODUCTION...................................................................................................................................................................... 1

1.1.        Background of the Study................................................................................................................................... 1

1.2.        Statement of the Problem................................................................................................................................. 3

1.3.        Objectives of the Study....................................................................................................................................... 6

1.3.1.          General Objective................................................................................................................................................ 6

1.3.2.          Specific Objectives............................................................................................................................................... 6

1.4.        Scope and Limitation of the Study................................................................................................................. 6

1.5.        Significance of the Study................................................................................................................................... 7

1.6.        Organization of the Study................................................................................................................................ 7

CHAPTER TWO.................................................................................................................................................................................. 8

2.      LITERATURE REVIEW.............................................................................................................................................................. 8

2.1.        Introduction............................................................................................................................................................ 8

2.2.        Defining IT Governance....................................................................................................................................... 8

2.3.        IT Governance versus Corporate Governance...................................................................................... 11

2.4.        The difference between IT governance and IT management........................................................... 12

2.5.        Why IT governance?........................................................................................................................................... 13

2.6.        Five Key Focus Areas of IT Governance..................................................................................................... 13

2.6.1.          Strategic alignment of IT with the Business.................................................................................................. 14

2.6.2.          The Value Delivery of IT.................................................................................................................................... 15

2.6.3.          The Management of IT Risks........................................................................................................................... 15

2.6.4.          IT resources management................................................................................................................................ 16

2.6.5.          Performance Measurement of IT.................................................................................................................... 16

2.7.        IT Governance Decisions................................................................................................................................... 17

2.7.1.          What are the Key Decisions?........................................................................................................................... 17

2.7.2.          Who Makes the Decisions?............................................................................................................................. 18

2.7.3.          How IT Decisions are Made............................................................................................................................. 19

2.8.        IT Governance frameworks............................................................................................................................. 21

2.8.1.          COBIT.................................................................................................................................................................. 21

2.8.2.          ITIL....................................................................................................................................................................... 23

2.8.3.          CMM................................................................................................................................................................... 23

2.8.4.          ISO/IEC 38500................................................................................................................................................... 23

2.8.5.          Comparison of the IT Frameworks.................................................................................................................. 24

2.9.        Information Technology Governance in Banking Sector................................................................ 24

2.10.      Summary................................................................................................................................................................... 25

CHAPTER THREE:............................................................................................................................................................................ 27

3.      METHODOLOGY................................................................................................................................................................... 27

3.1.        Research Design and Approach...................................................................................................................... 27

3.2.        Data Source............................................................................................................................................................ 27

3.3.        Target population and sample design........................................................................................................ 28

3.4.        Sampling Technique............................................................................................................................................ 28

3.5.        Data Collection................................................................................................................................................... 29

3.6.        Sample of the Study............................................................................................................................................ 29

3.7.        Instruments and Procedures of Data Collection.................................................................................................. 29

3.8.        Measurement scale............................................................................................................................................. 30

3.9.        Data Analysis........................................................................................................................................................ 30

3.10.      Ethical Considerations.................................................................................................................................... 31

CHAPTER FOUR.............................................................................................................................................................................. 32

4.      ANALYSIS AND PRESENTATION OF DATA....................................................................................................................... 32

4.1.        Introduction.......................................................................................................................................................... 32

4.2.        Background Information................................................................................................................................. 32

4.2.1.          Classification of ownership of the Banks...................................................................................................... 32

4.2.2.          Gender of Respondents.................................................................................................................................... 33

4.2.3.          Educational Level of Respondents................................................................................................................. 33

4.2.4.          Educational Fields of Respondents................................................................................................................ 33

4.2.5.          Current position of the respondents.............................................................................................................. 34

4.2.6.          Work Experience of the respondents............................................................................................................. 34

4.2.7.          ITG/ IT strategy/ IT Management Units......................................................................................................... 34

4.2.8.          Roles and responsibilities of respondents..................................................................................................... 34

4.3.        IT Strategic Issues............................................................................................................................................... 36

4.3.1.          The Banks with Strategic Information Plan................................................................................................... 36

4.3.2.          The management monitors and updates of strategic information systems plan................................... 36

4.3.3.          Prioritization of information technology projects........................................................................................ 36

4.3.4.          Procedures through which the bank tracks latest technological developments...................................... 37

4.3.5.          Emergence of new technologies in the industry........................................................................................... 37

4.3.6.          Key performance indicators and drivers........................................................................................................ 39

4.3.7.          Monitored from time to time........................................................................................................................... 39

4.3.8.          Benchmarked against industry standards.................................................................................................... 39

4.3.9.          Management identified the required information technology expertise................................................. 40

4.4.        IT Governance Issues.......................................................................................................................................... 41

4.4.1.          Board members of IT professionals................................................................................................................ 41

4.4.2.          Board members role......................................................................................................................................... 41

4.4.3.          IT Project Implementation Fails....................................................................................................................... 41

4.4.4.          IT steering committee....................................................................................................................................... 42

4.4.5.          Roles of IT steering committee........................................................................................................................ 43

4.4.6.          Assigned to a person in a senior management position............................................................................ 43

4.4.7.          Senior IT Managers focus................................................................................................................................ 43

4.4.8.          Main objective of IT.......................................................................................................................................... 45

4.4.9.          Systems that are initiated and implemented in the Bank........................................................................... 45

4.5.        ITG Decision Making Hierarchy.................................................................................................................... 46

4.5.1.          Who makes what decision.............................................................................................................................. 46

4.6.        IT Project Risks Related issues..................................................................................................................... 47

4.6.1.          Common IT Project Risks.................................................................................................................................. 47

4.6.2.          Management's plan to periodically conduct risk......................................................................................... 49

4.6.3.          The results of the risk assessments................................................................................................................. 49

4.6.4.          Arrangements of the banks for the regular review and audit of its systems........................................... 49

4.6.5.          Responsibility for privacy policy, privacy legislation and compliance...................................................... 50

4.6.6.          Legislative and regulatory requirements....................................................................................................... 50

4.6.7.          Implemented effective controls....................................................................................................................... 51

4.6.8.          IT departments deal with maintenance and service costs........................................................................... 51

4.7.        Other issues............................................................................................................................................................ 52

CHAPTER FIVE................................................................................................................................................................................. 54

5.      CONCLUSION AND RECOMMENDATIONS...................................................................................................................... 54

5.1.        Introduction............................................................................................................................................................... 54

5.2.        Conclusion.................................................................................................................................................................. 54

5.3.        Recommendation........................................................................................................................................................ 56

5.4.        Limitation and Suggestions for Further Research................................................................................................ 57

Reference...................................................................................................................................................................................... 59

Appendix A.................................................................................................................................................................................... 63

Survey Questionnaire............................................................................................................................................................... 63