Type of Document Dissertation Author Thomas, Carlos Anthony URN etd-01182010-210857 Title IT Governance in Small and Medium Enterprises Post Sarbanes Oxley Degree Doctor of Philosophy (Ph.D.) Department Information Systems & Decision Sciences (Business Administration) Advisory Committee
Advisor Name Title Schneider, Helmut Committee Chair Hirschheim, Rudolf A. Committee Member Pawlowski, Suzanne D. Committee Member Watson, Edward F. Committee Member Lou, Yiping Dean's Representative Keywords
- IT governance
- Sarbanes Oxley
- case study
Date of Defense 2009-12-11 Availability unrestricted AbstractThe history of IT governance research has been dichotomous in that research either focused on the IT governance structural arrangements or the contingencies that affect IT organizational decisions. Weill and Ross’s (2004) seminal text on IT governance represents a synthesis of these two streams of research and thus establishes a new trajectory in the discourse related to IT governance. Their study included analysis from both survey data and case studies. However, the case study sites included were of large capitalized companies. Moreover, the cases were conducted prior to the mandated implementation of Section 404 of Sarbanes Oxley (SOX), which oversees the requirements for companies to ensure they have adequate controls in place to safeguard financial data and reporting. Compliance efforts with SOX have disproportionately impacted the finances of small publicly traded companies; consequently, the compliance efforts of small and medium publicly traded companies may differ from that of large companies.
Most small companies have taken SOX seriously and complied with the requirements mandated by the legislation by implementing the controls that demonstrate that the organization has reasonable assurance of governance over the company’s IT function. Still other small companies have chosen to use SOX as a catalyst for systemic change throughout the company’s IT function. While the latter may seem the logical progression of a company’s IT governance effort, that is not always the case. This study seeks to understand the reasons behind why some companies extend compliance efforts to invoke positive systemic change while others only do enough to comply with regulatory requirements. Using a multiple-case methodology, this study attempts to build upon the existing body of IT governance research by examining how the aforementioned IT governance concepts discussed by Weill and Ross are manifest in small and medium publicly traded companies. Additionally, the reason(s) why or why not those concepts may be present is examined using the theoretical lens of institutional theory. Findings of the study include an identification of differences small and medium publicly traded companies and large publicly traded companies in establishing enterprise-wide IT governance.
Filename Size Approximate Download Time (Hours:Minutes:Seconds)
28.8 Modem 56K Modem ISDN (64 Kb) ISDN (128 Kb) Higher-speed Access CarlosThomas_diss.pdf 1.01 Mb 00:04:40 00:02:24 00:02:06 00:01:03 00:00:05
If you have questions or technical problems, please Contact LSU-ETD Support.