Title page for ETD etd-01182010-210857

Type of Document Dissertation
Author Thomas, Carlos Anthony
URN etd-01182010-210857
Title IT Governance in Small and Medium Enterprises Post Sarbanes Oxley
Degree Doctor of Philosophy (Ph.D.)
Department Information Systems & Decision Sciences (Business Administration)
Advisory Committee
Advisor Name Title
Schneider, Helmut Committee Chair
Hirschheim, Rudolf A. Committee Member
Pawlowski, Suzanne D. Committee Member
Watson, Edward F. Committee Member
Lou, Yiping Dean's Representative
  • IT governance
  • Sarbanes Oxley
  • case study
Date of Defense 2009-12-11
Availability unrestricted
The history of IT governance research has been dichotomous in that research either focused on the IT governance structural arrangements or the contingencies that affect IT organizational decisions. Weill and Rossís (2004) seminal text on IT governance represents a synthesis of these two streams of research and thus establishes a new trajectory in the discourse related to IT governance. Their study included analysis from both survey data and case studies. However, the case study sites included were of large capitalized companies. Moreover, the cases were conducted prior to the mandated implementation of Section 404 of Sarbanes Oxley (SOX), which oversees the requirements for companies to ensure they have adequate controls in place to safeguard financial data and reporting. Compliance efforts with SOX have disproportionately impacted the finances of small publicly traded companies; consequently, the compliance efforts of small and medium publicly traded companies may differ from that of large companies.

Most small companies have taken SOX seriously and complied with the requirements mandated by the legislation by implementing the controls that demonstrate that the organization has reasonable assurance of governance over the companyís IT function. Still other small companies have chosen to use SOX as a catalyst for systemic change throughout the companyís IT function. While the latter may seem the logical progression of a companyís IT governance effort, that is not always the case. This study seeks to understand the reasons behind why some companies extend compliance efforts to invoke positive systemic change while others only do enough to comply with regulatory requirements. Using a multiple-case methodology, this study attempts to build upon the existing body of IT governance research by examining how the aforementioned IT governance concepts discussed by Weill and Ross are manifest in small and medium publicly traded companies. Additionally, the reason(s) why or why not those concepts may be present is examined using the theoretical lens of institutional theory. Findings of the study include an identification of differences small and medium publicly traded companies and large publicly traded companies in establishing enterprise-wide IT governance.

  Filename       Size       Approximate Download Time (Hours:Minutes:Seconds) 
 28.8 Modem   56K Modem   ISDN (64 Kb)   ISDN (128 Kb)   Higher-speed Access 
  CarlosThomas_diss.pdf 1.01 Mb 00:04:40 00:02:24 00:02:06 00:01:03 00:00:05

Browse All Available ETDs by ( Author | Department )

If you have questions or technical problems, please Contact LSU-ETD Support.