O'Sullivan, K. (2008) - Strategic Knowledge Management in Multinational Organizations. IGI Global.

Strategic Information System Agility
This page intentionally left blank

Strategic Information System
Agility: From Theory to
Practices
BY
ABDELKEBIR SAHID
University Hassan 1st, Morocco
YASSINE MALEH
University Sultan Moulay Slimane, Morocco
MUSTAPHA BELAISSAOUI
University Hassan 1st, Morocco
United Kingdom – North America – Japan – India – Malaysia – China

Emerald Publishing Limited
Howard House, Wagon Lane, Bingley BD16 1WA, UK
First edition 2021
Copyright © 2021 Emerald Publishing Limited
Reprints and permissions service

Contact: [email protected]
No part of this book may be reproduced, stored in a retrieval system, transmitted in

any form or by any means electronic, mechanical, photocopying, recording or otherwise
without either the prior written permission of the publisher or a licence permitting
restricted copying issued in the UK by The Copyright Licensing Agency and in the USA
by The Copyright Clearance Center. Any opinions expressed in the chapters are those
of the authors. Whilst Emerald makes every effort to ensure the quality and accuracy of
its content, Emerald makes no representation implied or otherwise, as to the chapters’
suitability and application and disclaims any warranties, express or implied, to their use.
British Library Cataloguing in Publication Data

A catalogue record for this book is available from the British Library
ISBN: 978-1-80043-811-8 (Print)

ISBN: 978-1-80043-810-1 (Online)
ISBN: 978-1-80043-812-5 (Epub)
In loving memory of my aunt Essadia Sahid Abdelkebir Sahid
In loving memory of my mother Yassine Maleh
To my family Mustapha Belaissaoui
Contents
List of Figures xi
List of Tables xiii
List of Acronyms xv
Preface xvii
Chapter 1 Introduction 1
1.1 Context1
1.2 Why Agility Now?2
1.3 The Agility Role3
1.4 IT as a Business Agility Obstacle4
1.5 IT at the Service of Business Agility5
1.6 Research Objective5
1.7 Research Design6
1.8 Contributions and Relevance6
1.9 Book Organization7
Chapter 2 Understanding Agility Concept 9
2.1 Introduction9
2.2 Background of Significant Changes Underlying Agility10
2.3 Production Method Trends13
2.3.1 Lean Manufacturing14
2.3.2 Total Quality Management17
2.4 Agile Management Paradigm Evolution18
2.4.1 Change Management18
2.4.2 Change and Uncertainty Mastering in the
Entrepreneurial Organization21
2.4.3 Work on Agility 21
2.4.4 Agile Continuous Delivery Methods25
2.4.4.1 Scrum25
2.4.4.2 Agile Manifesto26
viii Contents
2.4.4.3 DevOps26
2.4.4.4 Toyota Kata26
Summary27
Chapter 3 Information System Evolution 29
3.1 Introduction29
3.2 Information System Definition and Objective32
3.3 Information System Concept33
3.4 Concepts of Enterprise Application35
3.5 Features of Enterprise Applications35
3.6 Autonomy36
3.7 Distribution37
3.8 Heterogeneity37
3.9 Dynamism38
3.10 EIS and Company Strategy38
3.11 Enterprise Information Systems’ Complexity40
3.12 Complexity Factors40
3.13 Evolution of EISs41
3.14 EIS Governance42
3.14.1 COBIT47
3.14.2 LIBRARY (ITIL) 51
3.14.3 Structure of ITIL v4 52
3.14.4 CMMI 54
3.14.5 Committee of Sponsoring Organizations of the
Treadway Commission (COSO)55
3.15 Urbanization57
3.15.1 The Metaphor of the City 57
3.15.2 The Urbanization of Information System59
3.16 Flexibility60
3.17 Agility61
3.17.1 IS organizational Design64
3.17.2 Competencies and Skills of IS professionals65
3.17.3 IS Development65
3.17.4 Design of IT Infrastructure66
Summary66
Chapter 4 The Conceptual Model for IS Agility 67
4.1 Introduction67
4.2 Literature Review68
4.3 Literature Methodology71
Contents ix
4.4 IS Agility Frameworks72

4.4.1 Zhang and Sharifi (2000)72
4.4.2 Gunasekaran and Yusuf (2002)72
4.4.3 Crocitto and Youssef (2003)73
4.4.4 Lin, Chiu, and Tseng (2006)74
4.4.5 Swafford, Ghosh, and Murthy (2008)75
4.4.6 Ramesh, Mohan, and Cao (2012)75
4.4.7 Atapattu and Sedera (2014)76
4.4.8 Park, El Sawy, and Fiss (2017)78
4.4.9 Morton, Stacey, and Mohn (2018)78
4.4.10 Wu (2019)78
4.5 Discussion and Critic’s79
4.5.1 Discussion79
4.5.2 Critic’s80
4.6 Agility Components81
4.7 Agility Drivers81
4.8 Capability81
4.9 The Proposed Conceptual Model to Achieve Strategic Agility84
4.9.1 Sensing85
4.9.2 DBPA87
4.9.3 The Level of Agility Need88
4.9.4 Security Policy89
4.9.5 The Proposed Model Contribution89
Summary90
Chapter 5 Strategic Agility for IT Service Management:
A Case Study 93
5.1 Introduction93
5.2 IT Service Management ITSM95
5.2.1 Agility in ITSM96
5.3 The Proposed ITSM Framework99
5.3.1 Framework Overview99
5.3.2 Framework Maturity profile99
5.3.3 The Attainment Model102
5.3.4 Agility Management103
5.4 Use Case106
Summary115
Chapter 6 Cloud Computing as a Drive for Strategic
Agility in Organizations 117
6.1 Introduction117
6.2 Goals and Objectives of the Research Study119
6.3 Literature Review120
x Contents
6.4 The Theoretical Foundation121

6.4.1 Combining DOI and TOE125
6.5 Research Model and Hypotheses128
6.5.1 The Innovation Characteristics129
6.5.2 Technological Readiness131
6.5.3 The Organization Context132
6.5.4 The Environmental Context133
6.6 Research Methods133
6.7 Quantitative Methodology135
6.7.1 Measurement Model135
6.7.2 Data Collect135
6.7.3 Results135
6.7.4 Finding136
6.7.5 Technology Readiness141
6.7.6 Organizational Context141
6.7.7 Environmental Context142
6.7.8 Discussion and Interpretations142
6.7.9 Qualitative Study142
6.7.10 Hypobook145
6.7.11 Results148
6.7.12 Result Discussion149
Summary150
Appendix153
Reference159
Index185
List of Figures
Fig. 1. The Overall Structure of the Book. 7

Fig. 2. The Production Modes Development and Agility Paradigm. 12
Fig. 3. The Evolution of Production Modes. 15
Fig. 4. The Manufacturing Trilogy of JIT, TQ, and TI. 16
Fig. 5. A Model of a TQM System Source. 17
Fig. 6. The First Strategic Change Process. 18
Fig. 7. The Second Strategic Change Process. 19
Fig. 8. Agile Entreprise. 22
Fig. 9. AM Structure. 23
Fig. 10. The Structure of an AM Enterprise. 24
Fig. 11. A Progression of Manufacturing Paradigms. 24
Fig. 12. Common Attributes and Skills. 25
Fig. 13. The Evolution of Information Systems. 31
Fig. 14. Systemic View of the Company and the Environment. 32
Fig. 15. Information System Structure. 33
Fig. 16. A Systemic View of an IS. 35
Fig. 17. Concept of Application. 36
Fig. 18. Dimensions of Enterprise Applications. 36
Fig. 19. What is the Strategy? 38
Fig. 20. Extended IT Governance Model. 45
Fig. 21. The ERM Model Proposed by COSO. 56
Fig. 22. EIS Urbanization and Alignment. 60
Fig. 23. Factors Influencing Information Systems. 71
Fig. 24. The Proposed Model to Achieve Agility in Manufacturing. 73
Fig. 25. Agile Manufacturing Paradigm. 73
Fig. 26. Model of Organizational Agility. 74
Fig. 27. Conceptual Model for an Agile Enterprise. 75
Fig. 28. Conceptual Model for Supply Chain Agility. 76
Fig. 29. POIRE Agility Evaluation Approach. 77
Fig. 30. Business Agility through CRM for Customer Satisfaction. 77
Fig. 31. Producing Agility through IT Configuration. 78
Fig. 32. A Framework for Executive IT Leaders to Strategic Agility. 79
Fig. 33. IS Integration to Improve Supply Chain Agility. 80
Fig. 34. Agility Types of Research Components. 83
Fig. 35. A Conceptual Model to Achieve IS Agility. 84
Fig. 36. Sensing Phase. 88
xii List of Figures
Fig. 37. DevOps Agility: Aligning People, Technology, and

Process for Continuous Improvement. 104
Fig. 38. DevOps ITSM Maturity Model for Continues the
Organization’s Measure and Improvement. 107
Fig. 39. The Proposed Agile ITSM Framework. 108
Fig. 40. Assessment Score. 110
Fig. 41. ITSM Maturity Score. 111
Fig. 42. Continual IT Improvement. 114
Fig. 43. The Proposed Model for Cloud Adoption in Organizations. 129
Fig. 44. Research Design. 134
Fig. 45. Cloud Usage by Type. 148
Fig. 46. Cloud Usage by Deployment Model. 148
Fig. 47. Combined Frequency Distributions for Responses to
Aggregated IS Agility Categories. 149
List of Tables
Table 1. Research Questions. 6

Table 2. The Dimension of the IT Governance Model. 46
Table 3. IS Agility Research Streams. 62
Table 4. Agility Definitions. 69
Table 5. Agility Drivers Types. 82
Table 6. Sensing Types. 86
Table 7. The Proposed Framework Capabilities. 100
Table 8. New Skills and Attitudes Required for an Efficient ITSM. 105
Table 9. Organization Staff and Turnover. 109
Table 10. Participants’ Demographics. 109
Table 11. Continual Quality Improvement. 110
Table 12. Target Objectives of Phase 1 (Months 0–12) to
Achieve the Target Maturity Level. 112
Table 13. Cloud Computing Studies. 122
Table 14. Summary of the Factors Studied Influencing
Cloud Adoption. 126
Table 15. Participants’ Demographics. 136
Table 16. Quantitative Factors that Influence the Adoption
of Cloud Computing. 137
Table 17. Mean and Standard Deviation of Full and Subsamples. 140
Table 18. Sample Size Calculation Using the G* Power Software. 143
Table 19. The Interview Questions Sample. 144
Table 20. Cloud Computing’s Impact on Information Systems Agility. 146
List of Acronyms
AM Agility Management
APO Align, Plan, and Organise
BAI Build, Acquire, and Implement
BSC Balanced Scorecard
ISO/IEC International Standards Organization/International Electrotech-
nical Commission
CEO Chief of Enterprise Officer
CG Corporate Governance
CIA Confidentiality, Integrity, and Availability
CIO Chief of Information Officer
CMDB Configuration Management Database
CMMI Capability Maturity Model Integration
COBIT Control Objectives for Information and related Technology
COSO Committee of Sponsoring Organizations of the Treadway
Commission
DOI Diffusion of Innovation theory
DSS Deliver, Service, and Support
DIS Direction of information systems
DBPA Data Base Agility Drivers
EDA Exploratory Data Analysis
EDM Evaluate, Direct, and Monitor
EUROSAI European Organization of Supreme Audit Institutions
EIS Enterprise Information Systems
ERP Enterprise Resources Planning
DSR Design Science Research
EG Enterprise Governance
IT Information Technology
ITG Information Technology Governance
ITGI Information Technology Governance Institute
ITIL Information Technology Infrastructure Library
ITSM Information Technology Service Management
IS Information Systems
SLA Service Level Agreement
ISO Information Security Officer
ISMS Information Security Management System
ISG Information Security Governance
xvi List of Acronyms
ISSP Information Systems Security Policy

ITIL Information Technology Infrastructure Library
ISACA Information Systems Audit and Control Association
JIT Just-in-Time (manufacturing philosophy)
KPI Key Performance Indicator
MEA Monitor, Evaluate, and Assess
MENA Middle East and North Africa
NIST National Institute of Standards and Technology
OLA Operational Level Agreement
OA Organizational Agility
PDCA Plan-Do-Check-Act
PCM Process Capability Model
PMBOK Project Management Body of Knowledge
PSIS Policy Security for Information Systems
SLM Service Level Management
SMEs Small and medium-sized enterprises
SOX Sarbanes-Oxley Act
SPOC Single Point of Contact
TQM Total Quality Management
TQC Total Quality Control
VE Virtual Enterprise
UTAUT Unified Theory of Acceptance and Use of Technology
Preface
In the last decade, the use of information systems as a strategic tool has contrib-
uted significantly to the Information Technology revolution. However, the adop-
tion of information systems is rarely successful without adequate precautions and
attention. IT systems’ deployment is both a risky and profitable choice for an
increasingly rapid and evolving economic context.
Nowadays, organizations increasingly require a reactive and proactive response
to uncertain internal and external events and opportunities, demonstrating agil-
ity of action to reach a company’s operational performance. The issue is that
organizations are generally not prepared to deal with significant uncertainties and
unpredictability. Likewise, information systems are not developed to cope with
change and unpredictability. Consequently, for many companies, IT signifies a
constraining factor to business agility requirements.
Strategically, agility implied conquering new markets, taking risks, and con-
sidering new social and environmental challenges. Thus, in operational strategy,
this means integrating stakeholders into the company’s practices and improving
its understanding by re-evaluating all links in chain value to create a competitive
advantage.
In other words, agility necessarily requires strategy and, more specifically,
organization, culture, and business model to convey the need for responsiveness
as effectively as possible.
Faced with the various transformations, and needs of the internal and/or exter-
nal environment, it is essential to structure the company’s information system (EIS)
to facilitate its evolution and modify its positioning, structure, and skills. All this in
harmony with the company’s strategic development, while ensuring global consist-
ency in terms of permanent IT alignment with the global strategy, interoperability,
integration, autonomy, and flexibility. In other words, the EIS must be agile.
The book’s purpose is to analyze and explain the impact of IT systems’ strate-
gic agility on organizations’ business performance in response to highly uncertain
and unexpected events potentially significant.
The present book aims to create an explanatory framework that illustrates
how and under what conditions IT helps organizations to detect and respond to
uncertain events supported by learning capabilities. The main question of this
book is the following: What is the role and impact of strategic IS agility on the
operational agility of organizations in response to uncertain events?
This book delivers comprehensive coverage of the elements necessary for the
development and the implementation of effective Information systems’ strategic
xviii Preface
agility. The book dissertation includes the concept, theory, modeling, and archi-
tecture of an agile information system. It covers state of the art, concepts, and
methodologies for developing information system strategies taking into account
the environment, the current development of information technologies, and the
general trend of IS agility. The book should help companies to formulate the
information systems’ processes of the twenty-first century to grow in the com-
petitiveness of its area.
Abdelkebir Sahid
Yassine Maleh
Mstapha Belaissaoui
Chapter 1
Introduction
1.1 Context
Nowadays, managers increasingly require a proactive and reactive response to
uncertain internal and external events and opportunities, demonstrating flexibility
and agility of action to match the company’s operational performance. The issue
is that organizations are generally not prepared to deal with significant uncertain-
ties and unpredictability. Usually, business practices were certain and predictable
(Kidd, 1995). Likewise, information systems are not developed to cope with change
and unpredictability. Consequently, for many companies, information technology
(IT) is a significant factor that constraints business agility requirement.
A study by Tucci, Mitchell, and Goddard (2007) shows that less than half of
chief executive officers’ CEOs trust IT to contribute to the success of their busi-
ness. An MIT study of 1,500 IT managers shows that 71% of American compa-
nies are in phase 1 or 2 of enterprise architecture maturity (Ross & Beath, 2006),
which explains why IT is a barrier to business agility in many organizations.
The lack of agility hurts the company’s performance, for example, due to delays
in the launch of new products. Thus, according to Foster and Kaplan (2001), a six-
month delay in the product launch in the pharmaceutical and cosmetics industry
has decreased the product’s turnover by more than 30% over its lifetime. Another
example is General Electric’s plan to save $10 billion with real-time information in
its GE cockpits for monitoring the company’s performance and rapidly adapting
to changes required (Melarkode, From-Poulsen, & Warnakulasuriya, 2004).
There are significant differences between companies’ ability to detect uncer-
tain and unexpected events in different sectors of activity to react quickly by
changing their operations and business processes. With this quality, the company
can cope with surprising and unavoidable changes by expanding (or reducing)
these specific capacities or reducing cycle times beyond current levels of flexibility
(Sengupta & Masini, 2008).
These two examples highlight the benefits of IT in improving responsiveness and
agility. This book analyzes the role and impact of IT agility on operational agility to
help organizations deal with uncertain and unpredictable consecutive events.
Today, agility has become a necessary quality, especially in an always unstable
economic environment, making it mandatory, even indispensable (Conboy, 2009;
Imache, Izza, & Ahmed-Nacer, 2012; Sharifi & Zhang, 1999; Zhang & Sharifi, 2000).
Strategic Information System Agility: From Theory to Practices, 1–8

Copyright © 2021 by Emerald Publishing Limited
All rights of reproduction in any form reserved
doi:10.1108/978-1-80043-810-120211002
2 Strategic Information System Agility
Likewise, IT agility has become the primary purpose of any information systems’
department, a quality that any company must have, to meet the customers’ needs,
face competitiveness challenges and rapid technological evolution.
Faced with the various transformations and needs of the internal and/or exter-
nal environment, it is essential to structure the company’s information system (EIS)
to facilitate its evolution and modify its positioning, structure, and skills. All this in
harmony with the company’s strategic development, while ensuring global consist-
ency in terms of permanent IT alignment with the global strategy, interoperability,
integration, autonomy, and flexibility. In other words, the EIS must be agile.
1.2 Why Agility Now?

The following chapter introduces the topic and provides an overview of the
research contributions included in this book. We ask, “Why agility now?” We
believe there are at least three answers. First, it is becoming increasingly diffi-
cult to survive and succeed in today’s business environment. Being agile, able to
detect and react to predictable and unpredictable situations is a promising strat-
egy in times of change and uncertainty. Recently, an essential activity on agility
has promoted in the form of agile software development, agile manufacturing,
agile modeling, and agile iterations. The diffusion of IT is a process that takes
time and effort. Many IT projects succeed in developing a product, but fail to
achieve goals. The importance of information systems’ agility for rapidly chang-
ing business environments was recognized, particularly in the digitalization age.
In this field, agility refers to the ability to provide solutions promptly and to adapt
quickly to changing requirements.
For a long time, the business environment has been relatively stable, with grad-
ual changes. In the event of a radical change, the rate tends to remain relatively
slow without being quickly followed by other significant changes.
In this relatively stable environment, organizations were not encouraged to be
proactive in their response to internal and external events promptly. More specifi-
cally, as a communication and transaction infrastructure, the Internet has caused
(and will continue to create) turbulence and uncertainty in business and consumer
markets, as well as its ability to connect everyone and everything.
Changes and events in the economic environment were generally predictable.
Nevertheless, technology, innovation, public policy changes, and deregulation
are destabilizing the business landscape and redesigning this world (Hagel &
Brown, 2003).
Friedman (2005) argues that the twenty-first-century globalized world has flat-
tened the world. Radical “non-linear changes,” leading to a different order are
becoming more frequent. Moreover, the pace of change is significantly faster.
Business-networks are becoming more sophisticated and interconnected. The
boundaries of the industry are becoming blurred (finance, media, telecoms, and
IT converge) (Bradley & Nolan, 1998). However, re-intermediation has created
new stakeholders with new capacities, delivering new services to end clients.
Regulatory changes and external requirements for accountability, sustain-
ability, and security have a significant impact on the products, processes, and
Introduction 3
organization’s resources. To maintaining its competitiveness and perseverance

over time, a company must be able to detect uncertain events, react quickly, and
learn from experience (Dove, 2002).
Agility gives organizations the ability to quickly detect and respond to unpre-
dictable events, and meet changing customer demands. This ability is essential in
today’s business world.
New technologies and business practices are continuously introduced to create
or change global market demands (Sengupta & Masini, 2008).
Two examples illustrate this. An example to understand the role of agility
is the agility of IT services’ companies, which was challenged during the latest
financial crisis in 2008. When “IceSafe” Bank, an Icelandic bank, encountered
financial problems, its customers no longer had access to their savings’ accounts
over the Internet from one day to the next, which caused a major panic among
IceSafe and other bank customers in Europe. Consumers are seeking assurance
that their funds are always safe and accessible through the Internet. The “IceSafe”
bank’s website and account information were no longer accessible to customers,
consequently a traffic spike on other banks’ websites. IT firms that provide IT
hosting capacity and maintenance services for banks such as “IceSafe” should
react quickly to maintain online banking services for their customers.
Another example is Volvo’s sales and IT initiative to manage the development
and implementation of an agile supply chain in the aftermarket. Volvo has devel-
oped a platform, web services and a web portal for selling spare parts on the
Internet. Indeed, the difficulties related to the creation and the integration of a
new platform are accentuated by the pressure of establishing new relationships
in the field of global logistics for Spare Parts. Volvo’s work illustrates agility by
continuously working on scenario development and ensuring that projects are
deployed correctly to support learning.
In the “Icesafe” Bank example, using intelligent agent software helps IT ser-
vice firms by allowing them to identify a possible disruption of their web hosting
services proactively. As a result, a response process was initiated to avoid a pos-
sible online banking suspension.
Through these two examples, IT can improve IS responsiveness and agility.
1.3 The Agility Role

Companies must increase their reactivity levels to cope with globalization and
various internal and external challenges. Flexibility allows reactivity into organi-
zations, processes, and systems, on a limited number of measures only. Except for
that combined flexibility in a system, from the beginning, becomes costly.
A new concept is needed to survive in a turbulent environment and cope with
market changes.
This concept, called agility, was introduced in the American automo-
tive industry in the early 1990s. The Department of Defense requested that
Lehigh University researchers develop a vision, a conceptual framework, and
recommendations to create an effective industrial infrastructure. As a result
of this work, the report entitled “21st Century Manufacturing Enterprise
Strategy” (Nagel & Dove, 1991) was published by the Iacocca Institute at Lehigh
University (Kidd, 1994). Following this first report, the Agility Forum is created
to explore the agility concept in more depth.
Agile manufacturing was developed as a new manufacturing paradigm to
address customer requirements in volatile markets. Agile Manufacturing incor-
porates the full range of flexible production technologies, the lessons learned
from total quality management, “just-in-time” production, and “lean” produc-
tion (Goldman, 1994).
Goldman and Nagel (1993) defined agility as the ability to succeed in a continu-
ally changing and unpredictable competitive environment and to react quickly to
unforeseen changes in global markets, where demand for low-cost, high-performance,
high-quality products, and services is paramount for customers.
Several publications on agile manufacturing and agile enterprises (Dove, 2002;
Kidd, 1994, 1995) followed the work of Goldman and Nagel (1993) and Goldman,
Nagel, and Preiss (1995). Subsequently, the concept was extended to supply chains
and business networks (Mason-Jones & Towill, 1999; Swafford, 2004; Towill &
Christopher, 2002; Van Hoek, Harrison, & Christopher, 2001; Yusuf, Gunasekaran,
Adeleye, & Sivayoganathan, 2004). Recently, many researchers have analyzed how
IT can support business agility and how agility can improve information systems
performance (Desouza & Awazu, 2006; Sambamurthy, Bharadwaj, & Grover, 2003).
IT constitutes a key business agility asset and a significant capability that can
hinder or facilitate business agility. Over the years, IT has considerably developed
and achieved considerable maturity to optimize the use of limited and costly tech-
nological resources, roles and relationships have been defined (Hagel & Brown,
2001). IT has become standardized and shared knowledge through the years,
reducing prices due to economies of scale.
The literature presents three research streams with different perspectives on
the relationship between IT capabilities and organizational agility (performance).
According to the first trend, IT capacity is not essential and does not hinder the
company’s agility performance. The other view is that IT capabilities contribute
to strengthening the company’s agility (performance). For the third stream, IT
capabilities contribute to improving the company’s agility (performance), but
under certain limited conditions and circumstances. This doctoral book will pro-
vide additional research resources related to the third stream.
1.4 IT as a Business Agility Obstacle

For decades, many studies have revealed conflicting, sometimes divergent, results
regarding IT’s effects on the organization’s responsiveness and flexibility. In a sur-
vey of many business process re-engineering cases, Attaran (2004) found that “IT
was the main obstacle to rapid and radical change, with the profound transforma-
tion of the IS requiring a redesign of the IS.” Cabled IT architectures, where busi-
ness rules are incorporated into information systems, are a significant obstacle to
rapid change. IT departments in large companies seem unresponsive and lacking
in agility (Kearney et al., 2005). Among the main barriers to this unreliability are
existing information systems, the excessive complexity of the IT architecture, and
Introduction 5
the reduced interaction between the company and IT; (flat Business-IT alignment)
moreover, differences between Top Management and IT managers regarding the
importance of IT and the appropriate time for new technology adoption.
IT infrastructure and application complexity prevents the rapid development
and deployment of new systems to support business agility.
1.5 IT at the Service of Business Agility

IT can increase organizational agility through open standards-based information
systems (which facilitate transformation between partners), involving the best
functional areas and being flexible for change, due to lack of time, and low costs
(Klapwijk, 2004). IT agility increasingly promotes business adaptability (i.e., busi-
ness agility). Automation has moved from the back office (the 1980s) to the front
office (the 1990s) to the automation of the IT infrastructure’s ability to adapt to
each business decision. Also, functional (vertical) IT architectures are replaced by
horizontal (Large-enterprise) designs.
Over the decades, IT protectionists and vendors have developed concepts and
strategies to assist companies in achieving IT and organizational agility. As a
result, a variety of organizational models and agile IT solutions were designed to
reach business agility and cope with unexpected changes. In the research, many
books and papers were addressed the information technologies’ role to promote
organizational reactivity.
The purpose is to have an agile organization able to configure IT and human
resources in a fast and flexible way to detect and respond to evolving demands,
through the IS capacity in general and the IT infrastructure in particular
(Pearlson & Saunders, 2006).
Today, CEOs increasingly recognize the importance of being agile, proactive,
or reactive – in responding to internal and external uncertain events and oppor-
tunities. However, the challenge is that organizations are generally not designed
to cope with severe uncertainty and unpredictability. Economic practices are
founded upon certainty and predictability (Kidd, 2000). Also, information sys-
tems are not intended to deal with changes and unpredictability.
1.6 Research Objective

The objective of the book is to create an explanatory framework that illustrates
how and under what conditions IT helps organizations to detect and respond to
uncertain events, supported by learning capabilities. The principal research ques-
tion of this book is:
Which are the role and impact of IT systems’ strategic agility in responding to
uncertain events?
Table 1 presents an overview of the sub-research questions in this study and

the chapter(s) in which they are addressed.
Table 1. Research Questions.
Research Question Chapter Number

How to achieve agility in Enterprise Information Systems? 4
How does agility impact IT service management? 5
How can cloud computing adoption increase IT agility? 6
1.7 Research Design

The research plan for this book consists of two Sections. The first section includes
an in-depth literature review and analysis of existing case studies in Chapters
2 and 3. The result is a global research model. In the second section, a general
analysis of the concept of agility is conducted in different industries and sectors
based on the worldwide research model. It will be the subject of Chapters 4 and 5.
1.8 Contributions and Relevance

This book aims to serve the scientific and business community. The contributions
will allow knowing how IT can improve business agility. Promote understand-
ing of the relationship between IT service management agility and organization
responding to uncertainty in the agile era.
As a practical contribution, this book purposes providing managers with an
overview of events requiring agility, in which conditions IT should assist the
organization to respond and learning, to leverage personal and organization
capabilities through practice frameworks to reach agility in IT asset and service
information systems, management, and strategic. Results should allow decision-
makers to determine perspectives, face compromises, and manage IT to drive
Information systems’ strategic agility.
As applied research, this study attempts to help address the strategic gap in
IT agility that has been identified as a significant, real, global problem. In high-
lighting the “know and do” gap underlying this study, we have tried to tackle this
problem boldly. Research overcomes some challenges in researching new areas of
corporate governance and IT agility. The foundations have been laid for industry
and scholarly literature in this field to contribute to knowledge.
This book makes the following significant contributions to IT agility in the
literature:
⦁⦁ The first contribution of this research is the literature review on IT agility. It is

clear that while there is significant literature on IT agility and its forms, there is
a shortage of literature on IT agility and the importance of internal and exter-
nal factors on IT investment decision-making.
⦁⦁ The second contribution is identifying essential aspects that define the agile
practical framework for IT service management ITSM. It was gathered from a
theoretical and empirical research study that generated answers to secondary
level research questions and feedback from the analysis of best practice experi-
ence in organizations.
Introduction 7
⦁⦁ The third contribution identifies the determinants of cloud computing

adoption based on the characteristics of innovation and the technological,
organizational, and environmental contexts of organizations, and assesses
how cloud computing is changing IS agility.
1.9 Book Organization

The overall structure of the book is described in Fig. 1. Chapter 2 presents a
review of research related to agility by analyzing the different types of the
research proposed, from the craft industry to the emergence of agility. Chapter 3
presents an overview of information systems’ evolution based on three inter-
dependent phases. Chapter 4 gives a combination illustrating the development
of agility within information systems and provides a conceptual framework
to adopt agility in the organization’s information systems. Chapter 5 proposes
an agile IT service management through a case study in a large organization.
The proposed framework will impact all aspects of IT-oriented user productivity
Part 1: Introduction
General Introduction
Part 2: Review of literature and practice
Chapter II
Chapter I Chapter III
Understanding Agility
Introduction Information
Concept
Systems Evolution
Part 3: IS Agility Frameworks
Chapter IV Chapter V Chapter VI

The conceptual model for Strategic Agility for IT Cloud Computing as a
IS Agility Service Management: A Case Drive for Strategic Agility
Study in Organizations
Part 4: Conclusion and Future Works
Conclusion and open

research
Fig. 1. The Overall Structure of the Book.

and will implement an agile approach to managing all these aspects. Chapter 6
proposes recommendations on when and how cloud computing is a useful tool
and outlines the limitations of recent studies and future research perspectives. Its
primary objective is to explore how agility influences decision-making to adopt
cloud computing technology, and how the cloud can increase IT agility. A survey
was conducted in the Middle East and North Africa region covering medium and
large organization from the manufacturing and service industries.
Finally, we discuss the key findings of this book, the limitations, the contribu-
tions to the academic and the business world and some recommendations for
future research.
Chapter 2
Understanding Agility Concept
Abstract
Manufacturers have experienced many stages of evolution and paradigm
shift. The paradigm shifts from crafts to mass production, then to lean pro-
duction, and finally to agile manufacturing (AM). Agility will reduce the
time to market for appropriate products and services. Twenty-first century
companies must meet a demanding customer base that will increasingly seek
high quality, low-cost products adapted to their specific and continually
evolving needs. It is time for companies to compete, and “push the bounda-
ries” in response to delivery, product quality, and overall excellence in cus-
tomer service and satisfaction. For addressing these challenges, a new way
to manage businesses was proposed called “Agility,” AM is defined as the
ability to survive in a competitive environment characterized by the con-
tinual and unpredictable changes, by responding effectively to the changing
markets with products and services designed by the customer. This chapter
presents a review of research related to the agility concept through an analy-
sis of the variously proposed studies. This analysis was conducted based on
a meta-model of three words (Agility, Management, and Organization).
2.1 Introduction
Numerous studies have suggested an explanation of the agility concept; they
define agility as the ability to operate and compete in a continuous and dynamic
change context. The Advanced Research Programs Agency and the Agility Forum
define agility as
The ability to succeed in continuous and often unexpected environ-

mental change. The agility concept constitutes a part of a program
established by a diverse set of industrial companies to improve and
maintain the competitive advantage of the U.S. manufacturing
base. (Sarkis, 2001)

doi:10.1108/978-1-80043-810-120211003
Agility, lean, and flexibility are strategic organizational philosophies that have
attracted researchers’ attention recently.
⦁⦁ Lean manufacturing: Eliminates waste and minimizes resource use.

⦁⦁ Flexible manufacturing: This is a structure rather than a strategy to facilitate
the reconfiguration and customization of the production chain.
⦁⦁ Agile manufacturing (AM): A Strategy that includes lean and flexible manu-
facturing to develop world Corporation and competitiveness.
According to these definitions, the Lean and flexibility concepts are a part of
agility scope; other researches argue that they constitute distinct and separable
philosophies. Also, numerous academic and practical studies have treated flexibil-
ity and lean of manufacturing, providing specific elements and definitions with
analytical models to assign it (Evans, 1991; Narain, Yadav, Sarkis, & Cordeiro,
2000; Upton, 1994). Lean Manufacturing is the result of various practices. First,
it was presented by researchers at the Massachusetts Institute of Technology as
part of a fundamental study of international practices in the automotive industry
(Womack, Womack, Jones, & Roos, 1990). Links and roles between agility, flex-
ibility, and lean can provide a partial agility definition. To respond to Industry
requirements for agility appeared firstly in the report of the twenty-first Century
Manufacturing Enterprise Strategy (Nagel & Dove, 1991).
Agility includes four main dimensions: inputs, outputs, external influences, and
internal operations (Goldman & Nagel, 1993; Yusuf, Sarhadi, & Gunasekaran, 1999):
⦁⦁ Outputs: “solution” products that enrich the customer.

⦁⦁ Inputs: cooperate to enhance competitiveness.
⦁⦁ External influences: unpredictable changes and social values.
⦁⦁ Internal operations: leveraging on human capital and information impact.
For Dove (1995), agility factors emerge through the relationships between
organizational entities. These factors include the relationship between opportun-
istic customers and adaptable producers, known as opportunity management.
Another critical factor for environmental uncertainty is the relationship between
flexible producers and the relentless technology defined as innovation management.
2.2 Background of Significant Changes Underlying Agility

To explain the agility development, it is necessary to draw up a chronology of
production methods’ evolution. Initially, agility was developed in the manufac-
turing field, and in 1991 the term agility and/or agile spread between management
and organizations.
Three dominant paradigms have affected industrial production in the modern
world (Hormozi, 2001; Tidd & Bessant, 1997). Artisanal production appeared in
Europe before the eighteenth century. In this mode, producers, mainly (Craftsmen),
contracted and completed individual projects. Consumer demands were generally
for unique products and vary around the pre-manufactured product (Hormozi,
2001). This paradigm is characterized by a low production volume and a broad
product variety (S. Brown & Bessant, 2003). The second is mass production,
Understanding Agility Concept 11
actively developed in the United States between the nineteenth and twentieth
centuries – following the discovery of the steam engine developed at the end of the
seventeenth century (Boyer, 2004). This phase recognizes growth amplified with
the advent of Taylorism and Henry Ford’s assembly lines, which was the moment
when “all-purpose” products left the production line at full speed, thus respond-
ing to increasingly intense consumer demands. The latest is Lean Manufacturing,
which is developed in Japan, and it was not until the late 1990s that it was accepted
as a viable production alternative (Hormozi, 2001), although Boyer (2004) situates
the development of Lean as early as 1945. Lean manufacturing attempts to use
the benefits of mass production in conjunction with just in time (JIT) principles
and waste disposal to minimize the total cost of producing a product (Hormozi,
2001). The latter paradigm is therefore characterized by large quantities produced
and more varieties of products than those offered by mass production (Hormozi,
2001). Fig. 2 provides a synopsis of the development of these three paradigms.
With each paradigm shift in production methods, pro-active countries toward
these significant changes have reaped the benefits of their market leadership
(Hormozi, 2001). For example, North America and Europe’s inability to adopt
Lean to compete in the 1980s cost them valuable profits and market shares in
some vital industries. Examples include the automobile, metal industry, consumer
electronics, and household appliances (Boyer, 2004). They have tried to beat their
competitors with massive investments in automation, often generating very costly
failures (Hormozi, 2001).
Based on this observation, many researchers and practitioners gathered in the
United States in 1991 to propose a new production method, AM (Nagel & Dove,
1991). Since 1991, many authors have taken this shift by proposing the bases of this
new paradigm, or simply by admitting it (Bottani, 2009; Brown & Bessant, 2003;
Goldman & Nagel, 1993; Gunasekaran, 1999; Gunasekaran & Yusuf, 2002;
Hormozi, 2001; Ramasesh et al., 2001; Ren, Yusuf, & Burns, 2003; Sharifi &
Zhang, 1999; Tidd & Bessant, 1997; Yusuf, Gunasekaran, Adeleye, & Sivayoga-
nathan, 2004; Yusuf & Schmidt, 2013; Zhang & Sharifi, 2000). However, while
the literature has been massively oriented toward the acceptance of a new para-
digm, two articles temper this evolution. Indeed, for Vázquez-Bustelo, Avella,
and Fernández (2007), AM is not fundamentally different from previous produc-
tion paradigms and models. While Lean manufacturing has been perceived as an
improvement of the mass production model, Vázquez-Bustelo et al (2007) argue,
however, that AM breaks with the mass model due to the production of highly
customized products and its focus on operational proactivity rather than reactiv-
ity. For Sarkis (2001), agility seems to be a paradigm at the meta-paradigm level.
Its engagement for waste disposal. This is achieved by combining

work in cross-functional teams dedicated to an activity, sharing
information, and focusing on continuous improvement and qual-
ity aspects. All unnecessary tasks are eliminated, and all steps are
aligned in a continuous flow of activity. This allows the design,
development, and distribution of products with a minimum of
human effort, tools, and overall expenses.
(Sarkis, 2001)
12
DevOps
2007
Agile
Manifesto TOYOTA
Scrum 2001
CRAFT KATA
1995 PRODUCTI INDUSTRY 2001
MASS ON 4.0
Befor 2011
PRODUCTI
ON 18Centry
19th-20th LEAN -JIT
END OF 20
Centry Centry
Fig. 2. The Production Modes Development and Agility Paradigm.

Therefore, if the emergence of AM is above all correlated with changes in

production methods, it is necessary first to characterize them quickly and then to
highlight other social phenomena and their consequences in the business world.
Indeed, today’s world is undergoing profound changes that need clarification and
goes beyond production methods.
Over recent years, fast-paced developments in information and communication
technologies and their integration into supply chains have led to the advent of the
fourth industrial revolution – “Industry 4.0” (Dalenogare, Benitez, Ayala, & Frank,
2018; Frank, Dalenogare, & Ayala, 2019). Business competition has increased as
a result of technological innovations and evolving customer requirements. This
changing transformation in business ecosystems will deeply influence operational
frameworks/models and management strategies to respond and adopt the new chal-
lenges in an evolving ecosystem (Barreto, Scheunemann, Fraga, & Siqueira, 2017).
Since the emergence of Industry 4.0, a growing number of enterprises have inte-
grated new industrial revolution principles and technologies to improve their pro-
ductivity and performance (Barreto, Scheunemann et al., 2017; Wagire, Rathore, &
Jain, 2019). The main strength of Industry 4.0 lies in its significant impact on many
aspects of society.
Seen from the perspective of the typical user, the influence of Industry 4.0 is most
clearly visible in the professional, domestic, and social spheres. Smart homes, smart
cities and offices, and e-health systems are just a few examples of likely scenarios
of how the new paradigm will transform the world (Marston, Bandyopadhyay, &
Ghalsasi, 2011). Similarly, the most noticeable impact of Industry 4.0 is estimated
to be in the areas of industrial manufacturing and management, supply chain, and
business process management (Strange & Zucchella, 2017). In today’s competitive
and fast-growing business environment (Pereira & Romero, 2017; Wu, Yue, Jin, &
Yen, 2016), companies must adopt emerging technologies in their business processes
and manage the increasing data flow in their value chain for efficient management.
Industry 4.0 includes automated systems that enable the customization, agility,
and responsiveness of manufacturing and service operations by providing data
from a diverse range of devices, sensors, and tools (Deloitte, 2015; Strange &
Zucchella, 2017). This leads to new capabilities in many fields, including new
product design, prototyping and development, remote control, testing and
diagnostics, preventive and predictive maintenance, traceability, needed health
monitoring systems, planning, innovation, real-time applications, and agility
(Strange & Zucchella, 2017). Industry 4.0 delivers significant business benefits,
including product customization, real-time data analysis, autonomous monitor-
ing and control, development and dynamic product design, and increased pro-
ductivity (Dalenogare et al., 2018).
2.3 Production Method Trends

As previously mentioned, manufacturing methods have evolved over the past 200
years. Also, the research argues that global performance is continuously chang-
ing, which requires attention and, above all, constant effort (Hormozi, 2001;
Sanchez & Nagi, 2001).
While economies of scale and the permanent quest for maximum efficiency
regarding production capacity constitute a rule for organizations to generate
profits, this mode of production creates rigid capabilities that lead to difficul-
ties in reconfiguring plants. This rigidity will gradually become a constraint to
changing production methods, particularly in Japan with Lean. Indeed, since the
early 1980s, organizations have considered the search for flexibility in production,
waste disposal, time reduction, and production cycles as priorities.
The economic and marketplace conditions have led to an increase in the vari-
ety of products and services required. Due to this phenomenon, markets appear,
change, and disappear at an alarming rate (Goldman & Nagel, 1993). These
changes need organizations to maintain productivity and cost improvement while
monitoring emerging demands and being able to re-engineer the production sys-
tem’s organization (McCarthy & Tsinopoulos, 2003) rapidly.
Thus, production has become more than just a transformation of primary
materials into marketable products. It is about a transformation of information
(customer needs, design data, data production, etc.), geographical transforma-
tion (“logistics”), and availability transformation (“stock and deadline control”).
Indeed, manufacturing is today the process of transforming an idea into a physi-
cal and desirable product (McCarthy & Tsinopoulos, 2003).
The concept of AM is first appeared in the Lehigh University report
entitled “21st Century Manufacturing Enterprise Strategy”: An Industry-Led
View (Nagel & Dove, 1991), then several articles of different types (research and
popularization) were published to develop the concept or accept it (Gunasekaran,
1999; Gunasekaran & Yusuf, 2002; Sharifi & Zhang, 1999; Zhang & Sharifi, 2000).
In summary, manufacturing systems are complex adaptive systems, whose con-
figurations have evolved through different modes such as artisanal production, mass
production, lean manufacturing, and agile production. Fig. 3 proposes a synopsis of
the changes in the various production methods and their associated characteristics.
2.3.1 Lean Manufacturing

Japanese experts (Ohno, 1988) have taken the world of manufacturing by storm,
as well as continuous research since the 1970s that have identified the advantages
of lean manufacturing management practices (James-Moore & Gibbons, 1997).
As a result, value-added production can provide managers with a way to structure
their manufacturing facilities (and the organization as a whole) to become more
productive and efficient (Womack et al., 1990).
Its engagement for waste disposal. This is achieved by combining

work in cross-functional teams dedicated to an activity, sharing
information and focusing on continuous improvement and qual-
ity aspects. All unnecessary tasks are eliminated and all steps are
aligned in a continuous flow of activity. This allows the design,
development and distribution of products with a minimum of
human effort, tools and overall expenses.
(Womack et al., 1990)
Reconfigurable
Flexible
Specialized
Comprehensive
Fig. 3. The Evolution of Production Modes.
The Lean Manufacturing has been defined by Bamber, Hides, and Sharp
(2000) as a set of principles and practices that aim to eliminate all waste from the
system and is based on the maximum use of resources by focusing on the reduc-
tion or elimination of waste and activities without added value in the system
(Bamber, Hides et al., 2000) in a study on reducing lean meat consumption.
Many manufacturing players have promoted Japanese manufacturing meth-
ods such as JIT, Kaizen, Total Quality Control, and worker incentives such as
total employee participation have revolutionized the business world (Csillag,
1988; Dertouzos, Lester, & Solow, 1989; Willmott, 1994). However, Womack
et al. (1990) have shown that, based on research on Japanese manufacturing
firms, it is clear that the Japanese production paradigm did not happen overnight.
Other researchers in the manufacturing field (Bicheno, 1994; Cheng & Podolsky,
1996; Cusumano, 1994) go so far as to assert that the gradual transition between
extreme. Tayloristic mindsets in planning material requirements and inspecting
buffered systems, a lean manufacturing system structured according to tasks, con-
tinuous improvement, JIT and quality assurance, and the multi-skilled worker
from one production to another could have predicted.
The limitations of lean manufacturing regarding adverse effects, including the
lack of young workers willing to work in factories, excessive product variety, and
extreme pressure on suppliers, were highlighted by Cusumano (1994). Neverthe-
less, Japanese experts (Ohno, 1988) have worked closely with major companies
such as Toyota, acting as pioneers, to develop lean manufacturing. According
to Bicheno (1994), these Japanese experts knew that the organizations should
satisfy the JIT, Total Quality (TQ), and Team Involvement (TI) (Sharp, Irani,
& Desai, 1999) to become a world-class factory manufacturing. The trilogy
is presented in Fig. 4. Where we can see that beyond factory production, a
THE TRILOGY
LEAN
MANUFACTURING
JIT
Distribution
Supply
TQ TEAMS
MANUFACTURING
COSTUMER
Fig. 4. The Manufacturing Trilogy of JIT, TQ, and TI.
lean company also requires supplier participation, distribution logistics, efficient

design, and attention to service. Therefore, as shown in Fig. 4, JIT can be con-
sidered to take place mainly within the plant, and lean manufacturing pushes the
boundaries regarding supply chain mechanics.
According to Bicheno (1994), the objective of the JIT is to continuously elimi-
nate waste and reduce delays at each stage, from raw material to end customer
and from concept to market. On the other hand, lean manufacturing aims to
design and produce products and support services that exceed customer expecta-
tions regarding quality, cost, and time. Also, Womack et al. (1990) discuss waste
reduction using lean thinking as being primarily focused on the following achiev-
able objectives:
⦁⦁ the use of half the space;

⦁⦁ the use of half of the investment in tools;
⦁⦁ reduce human effort by half;
⦁⦁ reduce time less than half;
⦁⦁ use less than half of the inventory;
⦁⦁ reduce the defects less than half;
⦁⦁ increase product variety; and
⦁⦁ improve customer service.
To understand the lean production paradigm, Sharp et al. (1999) developed a

list of lean production characteristics, based on a review of the lean production
literature, as follows:
⦁⦁ a focus on the client’s interests;

⦁⦁ collaborate closely with suppliers in all areas;
⦁⦁ share the gains and benefits of collaboration;
⦁⦁ respect all functional and operational areas and personnel of the company and
its suppliers;
⦁⦁ the skills and contributions of all people are highly rated and valued;
⦁⦁ design and manufacturing functions collaborate on an ongoing basis, in par-
ticular, to support, or promote the cause of quality, or to reflect the interests
of the customer; and
⦁⦁ the development and operation of production processes are oriented toward the
continuous improvement of operational efficiency and the prevention of defects.
2.3.2 Total Quality Management

The concept of Total Quality Management (TQM) depends on the total commit-
ment of each employee within the company and cannot be achieved through qual-
ity systems alone (Atkinson, 1990). This view prevails because quality systems
traditionally focus on quality assurance and quality control rather than TQM (Bam-
ber, Hides et al., 2000). Also, Atkinson (1990) added that while it is important to have
quality systems, such as the ISO 9000 series of standards on quality management sys-
tems, it is essential not to stop there, but to continuously improve quality, beyond the
requirements of the standards by creating cultural change. Continuous improvement
and culture are therefore defined in TQM’s literature as the key to organizational
success. There are diverging views on what constitutes a TQM organization, for
example Crosby (1979) defines the four pillars on which a quality program is based,
management involvement, professional quality management, original programs, and
recognition, while McNally (1993) has defined in more detail a framework, shown in
Fig. 5, that includes a more rigorous vision of TQM than Crosby definition.
DeToro and Teener (1992) state in their QM model that leadership, qual-
ity, policy, communication, recognition, measurement, education, training, and
Fig. 5. A Model of a TQM System Source.

support structure are key elements of QM. The model also incorporates the
concept of three total quality principles: total participation, process improve-
ment, and customer focus, which are universally recognized as catalysts for TQM
and are discussed in the literature (Crosby, 1979; Deming, 2000; Ishikawa, 1985;
Juran, 1986; Xiao, Ford, & Feigenbaum, 2013).
Fig. 5 provides a quality management framework that requires responsible
managers and effective leadership, values, attitudes, and behaviors that support
quality policy, communication, teamwork, recognition, internships, and training
to implement quality management.
2.4 Agile Management Paradigm Evolution

In their paper, Rattner and Reid (1994) present increased global competition as
the main reason for developing a new approach to production management that
integrates agility into work processes. Therefore, in 1969, Skinner (1969) led the
way by considering that a manufacturing strategy should be the primary driver
of a competitive business strategy and that it was the missing link in the business
improvement efforts of many organizations. Beyond the perceived underlying
trend of change, the emergence of a new business era has given way to the emer-
gence of a new commercial era.
2.4.1 Change Management

Change management has already mentioned as necessary for organizations to
remain competitive. Ho (1999b) Argues that a change in an organization would
lead to a change in organizational culture in the long term. A typical example
is a leading organization, where people are enthusiastic about trying new ideas
and recognize that failure is an essential part of success. The traditional process
of strategic change that can be summarized in five key steps (Ho, 1999b) and
illustrated in Fig. 6 shows the previous relationships of deploying the vision of an
organization, whose mission is the vehicle for behavior and changing actions to
cultural development in the organization.
Fig. 6 presents a new paradigm suggested in a later publication by Ho (1999a),
which provides the same elements in the process of cultural change, but the ele-
mentary precedents are different, that is, action now becomes the starting point
for cultural change.
In the same way as this proposed new paradigm for strategic change manage-
ment, the work of Peters and Waterman (1984) has learned from more than 46 suc-
cessful companies that most of them choose “action” as the first step in their quest
for excellence. The new idea advocated by Ho (1999a), illustrated in Fig. 7, is that
action leads to a change in employee’s behavior and a change in culture follows.
Vision Mission Behavior Action Culture
Fig. 6. The First Strategic Change Process.

Action Behavior Mission Vision Culture
Fig. 7. The Second Strategic Change Process.
This results from the leadership process, and as Revans (1983) said: “There is
no learning without action and no action without learning.” This could provide
the argument that learning and change are synonymous. Ho (1999b) discusses
in more detail that if learning has been successful, organizational behavior will
be taken to a dynamic and challenging level, which will give the organization a
culture of continuous improvement.
The concept of continuous improvement is an example of what strategy theo-
rists have called “dynamic capacity” (Teece & Pisano, 1994). In their paper, Tidd
and Bessant (1997) suggest that dynamic capacity through continuous improve-
ment (the advantage of innovation) over price alone is no longer a viable strategy
for most companies and, therefore, Meredith and Francis (2000) have suggested
that “competitive advantage is increasingly based on a dynamic ability to be com-
petitive, in an environment of frequent difficult, and often unpredictable change.”
Also, have a capacity to learning provides mechanisms for a high organizational
proportion, participates in its innovation, and adapts to processes supporting
competitiveness.
Numerous authors consider the ability and capacity of an organization to
successfully foster and manage change through innovation and continuous learn-
ing to be a significant strategic advantage. For example, Bessant and Francis
(1999) explained that when a large proportion of an organization engages in
learning and innovation processes:
Its strategic advantage is essential as a group of behavioral rou-

tines - but this also explains why it offers a considerable competi-
tive potential, because these behavioral patterns take time to learn
and institutionalize, and are difficult to copy or transfer.
Also, Sharp et al. (1999) and Castka et al. (1991) discussed participation in
the change process as a factor in reducing resistance to change and improvement,
indicating a strong link between learning and innovation participation and suc-
cessful organizational change.
Rattner and Reid (1994) presented the development of increased global com-
petition as the primary responsibility for developing a new production manage-
ment approach that integrates agility into work processes (Rattner & Reid, 1994).
Therefore, Skinner (1969) had already led the way in 1969 by considering that
a manufacturing strategy should be the primary driver of a competitive busi-
ness strategy and that it was the missing link in the business improvement efforts
of many organizations. As mentioned in the previous paragraph, the underlying
trend toward perceived change has laid the foundations for the emergence of a
new commercial era beyond traditional sectors such as mass production, world-
class manufacturing principles, and lean manufacturing.
A new manufacturing paradigm, known as “agility,” was described in a report

published by the Iacocca Institute at Lehigh University in 1991 “21 Century
Manufacturing Enterprise Strategy: An industry-led perspective” (Nagel, 1992).
The purpose of the twenty-first century Enterprise Manufacturing Strategy
Report was to identify the american industry’s needs in terms of restoring manu-
facturing competitiveness. It concluded that the gradual improvement of current
production systems in 1991 would not be sufficient to become competitive in the
current global market (Nagel, 1992). Based on this early concept of agility, Lehigh
University has led the way in developing the AM paradigm through research, focus
groups, and industrial collaboration (Dove, 1995). The Agility Forum’s work, ini-
tially focused on agility, has evolved as follows the early developments of agility as
a concept and has contributed significantly to AM theory (Kidd, 1996).
Being agile means mastering change – and allowing an organization to do
whatever it wants to do whenever it wants. The agility is dynamic, contextually
appropriate, aggressively changing, and growth-oriented (Dove, 2002). It is not
a question of improving efficiency, reducing costs, or blocking the company’s
hatches to overcome the fierce storms of competition. The challenge is to succeed
and win profits, the market share, and customers at the very heart of the competi-
tive storms that many companies are worried today (Goldman & Nagel, 1993).
Agility is the organization ability to respond quickly and effectively to unfore-
seen opportunities and develop proactive solutions to potential needs. They result
from the fact that an organization’s and/or its members cooperate in the interest
of the individual, the organization, and their clients (Nelson & Harvey, 1995).
Kidd defines Agility as the capacity to prosper and thrive in a competitive envi-
ronment characterized by continuous and unpredicted change, to react quickly
to rapidly changing markets through customer-focused product and/or service
evaluation. The upcoming business system will replace today’s mass production
companies (Kidd, 1996).
These definitions describe agility in terms of results; therefore, do not precisely
define agility or how it can be implemented, although the work of the American
Forum on Agility has done much to provide operationalized features of agility.
According to research conducted by the Agility Forum, “AM” is defined as
the ability to thrive in a competitive environment characterized by continuous
and unexpected changes to respond quickly to rapidly changing markets with
customer-specific products and services (Dove, 2002). Consequently, underlying
agility is the ability to adapt or reconfigure quickly in response to changes in
the business environment, which involves controlling change as described by the
Agile Forum (Goldman & Nagel, 1993); or the ability to change as described in a
publication by Kidd (1996) to manage significant uncertainties and unpredictable
events. Therefore, researchers at Lehigh University (Sarkis, 2001) have expressed
AM as having four main underlying dimensions of
⦁⦁ a form of change management and uncertainty (an entrepreneurial organization);

⦁⦁ enrich customers, products, and solutions (provide global solutions);
⦁⦁ capitalize on people through knowledge and information; and
⦁⦁ co-operate to improve competitiveness – virtual partnerships (collaboration).
2.4.2 Change and Uncertainty Mastering in the Entrepreneurial

Organization
Agile competitiveness requires the ability to thrive on change, unpredictability,
and uncertainty. Companies with traditional hierarchical and bureaucratic struc-
tures with command and control management were seen as unable to respond
quickly to the needs of a changing environment.
Many experts argue that for an agile enterprise, the structure should work as
flat as possible to be dynamic, progress toward agility and thereby control change
and unpredictability. Organizations must learn how quickly mobilize their people
by adopting a flatter and more entrepreneurial organizational strategy. To achieve
this, people must have broader responsibilities than a traditional line organization
and have the authority and empowerment needed to respond to clients’ changing
needs.
An agile approach to manufacturing faces the reality of a dynamic business
environment, where customers and markets are increasingly fragmented and spe-
cialized. Companies evolving in turbulent markets have developed an inherent
and agile capacity, particularly in the design of manufacturing processes, using
rapid prototyping and simultaneous engineering techniques.
Therefore, Dove (1995) has demonstrated that rapid prototyping can be used
in some cases to provide a strategic competitive advantage, by winning market
share through the capacity to reduce at least 75% of the design-to-market time.
2.4.3 Work on Agility

The research on agility produced by the Iacocca Institute (Dove, 1995) and subse-
quently produced and tested an infrastructure framework for AM has continued
to develop. This framework was developed from a set of competitive foundations
and common characteristics, system elements, and enabling subsystems for agil-
ity, which were developed based on industry-led research. These are represented
in Fig. 8 as infrastructure for and have been the subject of much research and
improvement within the industry (Dove, 1995; Goldman & Nagel, 1993).
As illustrated in Fig. 8, the Agility Forum developed the theory of agility in a
framework that incorporates concepts from many disciplines into a coherent set
of business elements. In her review of these elements of the company, Termini
(1996) suggests that they contribute to the core competencies of the:
⦁⦁ appropriate and consistent technological innovation;

⦁⦁ ability to proactively identify market opportunities;
⦁⦁ ability to develop and maintain a diverse and educated workforce;
⦁⦁ enhancement of communication and data processing networks;
⦁⦁ capacity to provide low-cost and customized market products; and
⦁⦁ capacity to provide market-oriented products.
In their paper, Hooper and Steeple (1997) draw the structure of AM and its inter-
relationship with other manufacturing methodologies and, like Fig. 8 of the Agility
Forum framework, suggest that AM should be considered as a general expression
Fig. 8. Agile Entreprise.
that encompasses the integration of several diverse systems, technologies, and phi-
losophies. The structure of AM is a customer-focused manufacturing model and
is broadly similar to the TQM; however, the concept of virtual enterprises and
decentralized organization are elements. In their paper (Hooper & Steeple, 1997),
researchers provide a model structure, for agile enterprise Fig. 9, which seems insuf-
ficient as a framework for entrepreneurial activity since the search for opportunities
in new markets is not represented. However, it is taken into account in the model of
the agility, Fig. 8 as involved enabling subsystems.
For an organization, continuous awareness of the operating environment
is required to assess the business’s potential risk, as demonstrated by the agile
business framework illustrated by Dove (1995) and presented in Fig. 9. In
this context, Meredith and Francis (2000) discussed the need for a thorough
environmental scan, which organizations need to identify market opportunities.
According to Kidd (1996), the fundamental resource of an agile enterprise is
“knowledge” and, like the main dimension of the agility of the American agile
forum, the “mobilization of human resources through knowledge and informa-
tion,” he suggests, if people and knowledge are exploited.
Customer wants
and needs
Supplier
Flexible
Human Resource
Flexible Core Virtual

Manufacturing Business Companies
systems
Decentralization
Organization Competitors
Customer
Solutions
Fig. 9. AM Structure.
The resulting agility offers a competitive advantage, responding

quickly to market changes while exploiting a fundamental resource:
knowledge. It is necessary to bring people together in dynamic
teams formed according to clearly focused market opportunities to
take advantage of each other’s knowledge. Through this process,
we seek to transform knowledge into new goods and services.
(Kidd, 1996)
In its report, Kidd (1996) suggested that AM can be considered as the integra-
tion organization, highly qualified, and knowledgeable personnel and advanced
technologies to achieve cooperation and innovation in response to the need to
provide customers with high quality customized products. This concept is cen-
tral to his book “Agile Manufacturing: Forging New Frontiers” and is illustrated
in Fig. 10. Therefore (Kidd, 1995), each organization must develop a method-
ology to integrate the organization, staff, and technology to enable these three
primary resources to adapt through a coordinated and interdependent system.
Fig. 11 shows the structure of an AM Enterprise.
A new manufacturing paradigm, known as “agility,” has been proposed as a
winning concept through which companies maintain their competitive advantage
into this new era. Agility concept includes two factors:
Fig. 10. The Structure of an AM Enterprise.
Agile
Lean
Mass
Craft
Past Present Future
Fig. 11. A Progression of Manufacturing Paradigms.
⦁⦁ respond to changes (planned or unexpected) in an appropriate and timely man-

ner and
⦁⦁ leverage change as an opportunity.
Lean Agility
Craft Skills
Fig. 12. Common Attributes and Skills.
There are many unities between lean and agility, such as the effective best prac-
tice use of tools and techniques, to improve the company’s effectiveness and effi-
ciency, as shown in Fig. 12.
Initially, agility focuses on economies of scope rather than economies of scale
(Dove, 2002). Lean operations are generally associated with the efficient use of
resources. The concept expresses an effective response to a changing environment
while being productive. Agile organizations are not just able to implement changes,
but also react to premeditate and unforeseen environmental events in just time.
2.4.4 Agile Continuous Delivery Methods

2.4.4.1 Scrum. Throughout the 1980s and 1990s, the fast-moving and highly
competitive world of new commercial product development is essential, as is
speed and agility. Companies are increasingly aware that the old sequential
approach to new product development is simply inefficient. In contrast, com-
panies in Japan and the United States use a holistic rugby-inspired method,
where the ball is passed into the team as it moves up the pitch (Imai, Nonaka,
& Takeuchi, 1984; Pittman & Russell, 1998).
The research focus started to be attracted by the recognition that there was a
new product development game (Takeuchi & Nonaka, 1986) that focused on a
more flexible and iterative approach to thinking. The increased use of the Internet
in the early 2000s simply increased the pressure for rapid time-to-market, which
acted as a further catalyst for a revision of the orientation of alliterative and
incremental development with agility.
In 1995, Beck and Boehm (2003) presented Scrum for the first time at the OOP-
SLA conference in Austin, Texas. They were struggling with the status quo in
software development, particularly with regard to waterfall project management
approaches. At that time, the projects and companies they were involved in were
failing and due to the pressure, they felt compelled to move in a different direction.
Meanwhile, lean management and control of empirical processes as well as
iterative and progressive development practices were beginning to emerge. Influ-
enced by this emergence, the works of Takeuchi and Babatunde Ogunnaike, which
described the key elements of success in new product development (self-organized
project teams, overlapping development phases, multiple learning, and transfer of

learning) and referred to the game of rugby when they summarized it as “moving
the Scrum downfield” Ken and Jeff accordingly labeled their approach “Scrum.”
Therefore, Ken and Jeff named their approach “Scrum.” (Maximini, Maximini,
& Rauscher, 2018).
In 2001, the first book on Scrum entitled “Agile Software Development with
Scrum” was published, followed by “Agile Project Management with Scrum” in
2004, which outlines the ideas in more detail. In 2011, as Scrum co-creators, Ken
and Jeff are writing and publishing the Scrum Guide. Since then, this 16-page
document has become the official guide to Scrum (Maximini et al., 2018).
2.4.4.2 Agile Manifesto. In 2001, the Agile Manifesto was created by 17 of the
world’s leading software development thinkers. Their vision was to establish a set
of values and principles lightweight against cumbersome software development
processes such as Cascade Development and methodologies as Rational Unified
Process. One of the main objectives was to “deliver functional software at regular
intervals, ranging from two weeks to two months, favoring the shortest possible
lead time,” emphasizing the need for small batch sizes, progressive releases rather
than large cascade releases. Other principles highlighted the need to have small,
motivated teams working in a high-confidence management framework. Agility is
credited with dramatically improving productivity of many development organi-
zations (Maximini et al., 2018).
2.4.4.3 DevOps. In 2009, at the O’Reilly Velocity Conference, two Flickr
employees, John Allspaw, Senior Vice President of Technical Operations, and Paul
Hammond, Director of Engineering, delivered a now-famous presentation enti-
tled “10+ Deploys per Day: Co-operation between Developers and Flickr Opera-
tions” (Ebert, Gallardo, Hernantes, & Serrano, 2016; Maximini et al., 2018). They
emphasis how they created common goals between Dev and Ops and used ongo-
ing integration practices to integrate deployment as part of everyone’s daily work.
Later, at 2009 the first DevOpsDays was organized in Ghent, Belgium. There the
term “DevOps” was coined. Based on the development discipline of continuous
build, test, and integration, Jez Humble and David Farley (2016) have extended the
concept to continuous delivery, which defines the role of a “deployment pipeline”
to ensure that code and infrastructure are always in a deployable state, and that all
code stored in the trunk can be safely deployed into production (Read, Report, and
Takeaways). DevOps also extends and develops the practices of the infrastructure
as code, which work of Operations is automated and treated as application code,
consequently that modern development practices can be applied to the entire devel-
opment workflow. This further enables a rapid deployment workflow, including
continuous integration (Jacobson, Booch, Rumbaugh, 1999) continuous delivery
(Humble & Farley, 2010) and continuous deployment.
2.4.4.4 Toyota Kata. In 2009, Mike Rother authored “Toyota Kata”: Man-
aging People for Improvement, Adaptiveness and Superior Results book, which
summarizes his 20 years of experience to understand and codify the Toyota pro-
duction system (Rother, 2009). Rother concluded that the Lean community lack-
ing the most significant practice of all, which he named the improvement kata.
According to Rother, every organization has work routines, and that improvement
kata requires the creation of a structure for the quotidian and habitual practice of
enhancement work, because it is the daily practice that improves results. The con-
tinuous cycle of establishing target future states, setting weekly goals and improv-
ing daily work is what has driven Toyota’s improvement (Soltero & Boutier, 2017).
Summary
Today, changes are faster than ever. Turbulence and uncertainty in the business
environment have become the primary cause of manufacturing industry failures
(Small & Downey, 1996). The perception of a need for change to initiate the emer-
gence toward a new commercial era goes beyond traditional sectors (mass pro-
duction and lean manufacturing) (Dove, 1991). A new manufacturing paradigm,
known as “agility,” has been proposed as a strategy to maintain a competitive
advantage in this era. The paradigm expresses the organization’s ability to cope
with crisis times, unexpected changes, survive to modern environmental threats,
and take advantage of change as opportunities (Goldman et al., 1995).
The concept of agility has emerged from the flexibility and lean manufacturing
(Dove, 2002; Kidd, 1995) and was adopted by software organizations in the form
of agile system development (Aoyama, 1998; Beck et al., 2001). Until emerging as
a key function of information systems.
Industry 4.0 is an inevitable revolution covering a wide range of innovative
technologies such as cyber-physical systems, Radio Frequency IDentification
(RFID) technologies, IoT, cloud computing, big data analytics, and advanced
robotics. The Industry 4.0 paradigm is transforming business in many industries;
for example automotive, logistics, aerospace, defense, and energy sectors. A grow-
ing amount of academic research is focusing on Industry 4.0 technologies and
implementation issues (Frank, Dalenogare, & Ayala, 2019; Ghobakhloo, 2018).
Industry 4.0 enables real-time planning and control, allowing companies to be flex-
ible and agile in responding to rapidly changing conditions; for example reducing
planning cycles and frozen periods by faster reacting to changes in demand, sup-
ply, and prices (Oztemel & Gursev, 2020). Business analytics approaches provide
the capability of predicting future events and patterns such as customer behavior,
delivery time, and manufacturing output. Real-time delivery routing and tracking
also enables organization’s flexibility, efficiency, and agility (Barreto, Amaral, &
Pereira, 2017; Cui, Kara, & Chan, 2020).
In Chapter 3, we discuss the development of information systems until intro-
ducing the agility concept.
Chapter 3
Information System Evolution
Abstract
This chapter presents an analysis illustrating the evolution of information
systems’ development based on three interdependent phases. In the first
period, information systems were mainly considered as a strictly technical dis-
cipline. Information technology (IT) was used to automate manual processes;
each application was treated as a separate entity with the overall objective of
leveraging IT to increase productivity and efficiency, primarily in an organiza-
tional context. Secondly, the introduction of networking capabilities and per-
sonal computers (instead of fictitious terminals) has laid the foundations for
a new and broader use of information technologies while paving the way for a
transition from technology to its actual use. During the second phase, typical
applications were intended to support professional work, while many systems
became highly integrated. The most significant change introduced during the
third era was the World Wide Web, which transcended the boundaries of the
Internet and the conventional limits of IT use. Since then, applications have
become an integral part of business strategies while creating new opportu-
nities for alliances and collaborations. Across organizational and national
boundaries, this step saw a transformation of IT in the background. These
new ready-to-use applications are designed to help end-users in their daily
activities. The end-user experience has become an essential design factor.
3.1 Introduction
First generation information systems were mainly considered as a strictly technical
discipline. To automate existing manual processes, each application is considered
a separate entity, and its use aims to increase organizational productivity and effi-
ciency. As a result, the primary efforts of IT professionals have been to develop new
methods for modeling organizational information; hence, database management
was the “killer application” (Chen, 1976; Halpin, 2001). Also, the possibility of
networking and advent of personal computers (instead of terminals) has provided
the cornerstone for a new and broader use of information technology (IT), which

doi:10.1108/978-1-80043-810-120211004
promotes a transition in the use of technology and its use. However, the second
phase’s conceptual challenge was to manage the information rather than merely
collect it and store it in a central database. (Aiken, Liu Sheng, & Vogel, 1991; Batra,
Hoffer, & Bostrom, 1988; Dennis, George, Jessup, Nunamaker, Jr, & Vogel, 1988;
Drucker, 1995; Gallupe, DeSanctis, & Dickson, 1988; Olson, 1985; Zwass, 1992).
The designation of the services reflected this commitment to support management
rather than office work: most IT services became management services and were
coordinated by IT system managers (Couger, Zawacki, & Oppermann, 1979).
However, during this period, the most of Information System (IS) activities
focused primarily on data management, with little attention to information man-
agement needs (Goodhue, Quillard, & Rockart, 1988; Senn, 1978).
Since the 1980s to the early 1990s, research has focused more on identifying
relevant IT applications, which has led to new applications, supported through
generic system types, in data processing systems and management information
system (MIS). CIOs realized that it is possible to effectively leverage the advanced
information content of MIS applications in support of top management’s deci-
sion-making processes. Thus, during the second phase, a new concept was devel-
oped, including decision support systems (Kasper, 1996), expert systems (Yoon,
Guimaraes, & O’Neal, 1995), data warehousing (Chenoweth, Corral, & Demir-
kan, 2006), intelligent system (Gregor & Benbasat, 1999), knowledge manage-
ment systems (Alavi & Leidner, 2001), and executive information systems (Walls,
Widmeyer, & El Sawy, 1992).
The management services were renamed information systems’ services. The
primary objective of which was to make information accessible to all departments
of the organization. Issues of inter-connectivity, scalability, and reliability of the
information system have become essential. Also, enterprise resource planning
(ERP) software is emerging with an exponential increase in installations in large
organizations (Beatty & Smith, 1987; Hayes, Hunton, & Reck, 2001; Scheer &
Habermann, 2000; Sharif, Irani, & Love, 2005).
In the third phase, the most critical change introduced was the emergence of
global networks and the World Wide Web, which have overcome the traditional
limitations of IT use.
Since then, applications have become an integral part of business strategies
and created new opportunities to develop alliances and collaborations beyond
organizational and national boundaries (Lyytinen & Rose, 2003; Walters, 2001).
Many researchers perceive Internet computing as a significant computer revo-
lution that has changed previous computer concepts (Isakowitz, Stohr, & Balasu-
bramanian, 1995), in different ways, mainly how a computer service is developed
and compiled. A new concept marked this phase: the “digital enterprise” (Bauer,
Poirier, Lapide, & Bermudez, 2001).
The Internet has enabled new digital relationships to be established through
inter-organizational systems, taking advantage of e-commerce and e-business
trends (Allen, 2003; Daniel & White, 2005; Shore, 2006), electronic markets
(Albrecht, Dean, & Hansen, 2005; Bakos et al., 2005), new application services
and Customer Relationship Management (CRM), other services (Currie, Mcco-
nnell, Parr, McClean, & Khan, 2014; Ma, Pearson, & Tadisina, 2005; Susarla,
Barua, & Whinston, 2006). The Internet has allowed the emergence of new
Information System Evolution 31
business models that support organizational operations based on the degree of

digitization of their products, or services sold, their business processes or the
delivery agent (Oetzel, 2004; Turban, 2007).
Meanwhile, organizations have become aware of the strategic importance of
information systems. While some initially considered IT as “necessary evil,” IT
had emerged as a necessary part of staying in business, and most companies see
it as an essential source of strategic opportunities, proactively trying to determine
in what way it can help them gain a competitive advantage.
Strategic information systems have been developed to support strategy for-
mulation and planning, particularly in uncertain and highly competitive environ-
ments (Buhalis, 2004; Newkirk & Lederer, 2006).
The third phase marks the technological development in terms of miniaturiza-
tion of the devices and increasing processing capacity, which ultimately allowed
them to be commercially exploited in line with their functions.
The manifestation of IT devices in physical space makes it possible to offer
new applications and services that target a much larger and more diverse group
of users. Traditionally, users had to be trained in the functionalities of the infor-
mation system. This training process could be supplemented either formally or
through repeated trial and error.
The Vision of “everyday computing” requires that information technologies
can be used, literally, by everyone, regardless of their knowledge and experience
in computing. Wireless sensors can detect and process information about the indi-
vidual and trigger the system response based on certain dynamic or predefined
events. User-system interactions are extended beyond the desktop concept. Envi-
ronmentally driven technologies (Hand-gesture recognition) (Alewine, Ruback,
& Deligne, 2004; Sawhney & Schmandt, 2000) encourage more realistic commu-
nication with the new IS class.
Fig. 13 illustrates the evolution of information systems.
Fig. 13. The Evolution of Information Systems.

3.2 Information System Definition and Objective

Nowadays, organizations are more open to the outside world than ever before,
forcing managers to seek the adequacy and coherence between external and inter-
nal factors and the content of the company’s strategy. As such, information is the
nerve center of war and development. The need to collect, process, and diffuse
information, the need for increased coordination of activities inside and between
companies, are emerging sources of competitive advantage. Fig. 14 illustrates the
systemic view of the company and the environment.
The information system must address these needs through new information technol-
ogies and the implementation of knowledge management systems (KMS) appropriate
to the technologies acquired to put external knowledge to the benefit of the company
and facilitate the internal distribution of knowledge (Galliers, 2006). ICT-based
Competitiveness
Politics Technologies
Demand-
Groupings of
Customers
Interests
Others
INFORMATION
Partners Banks
Third-Party
Supplier
• Monitoring and decision-making
information system. Project-
• Piloting information system teams
• operational information system
Fig. 14. Systemic View of the Company and the Environment. Source: Galliers
(2006).
KMSs accelerate information flows, remove non-value-added tasks, enhance process

reliability and quality, support tacit and explicit knowledge, promote knowledge
sharing across the organization, and facilitate decision-making (Halawi, Aronson,
& McCarthy, 2005; Wickramasinghe, 2003). However, new information technolo-
gies do not always guarantee the efficiency of modern information systems, which
require new critical success factors. Thus, the continuous and coherent evolution of
information systems constitutes the major problem facing companies. Organizations
are confronted with some issues, including the integration, interoperability, and
agility of information systems in the context of their company strategy to ensure
evolution in correlation with unpredictable internal and external changes.
3.3 Information System Concept

Regardless of its size, purpose, or means, any human organization has an infor-
mation system to support its internal activities and its exchanges with the outside
world, as shown in Fig. 15. Today, the information system is at the heart of the
functioning of any organization. It reflects its image through the data it handles,
and its efficiency determines its performance. In this way, information systems are
associated with the notion of organization.
The Information System is the company’s nervous system. As such, it is at the
heart of its processes and an essential element of its strategy. On the other hand, the
term system indicates that it is a set of interacting elements and not a simple combina-
tion of its elements. In this context, Enterprise Information Systems constitute as an
interactive set of all informational situations. Even more, the complex interplay of all
the exchanges of information necessary for the proper functioning of the company.
It is at the heart of the quest for competitive advantage not only in terms of improv-
ing the way the company operates and is a tool for serving its users and serving its
strategy, where information is considered the vital raw material for its operations. In a
company, the information system constitutes a network of dynamic and logical links
that support the interactions between the organization’s different elements.
People Information
(Users and acquisition
specialists)
Data Information
(Knowledge, models) storage
Information
Systems
Materials Information
(Support, Machines) processing
Procedures and
Information
Softwares
sharing
(Programs and
methods)
Fig. 15. Information System Structure.

Rather than being wiring that passes data between different locations, the
information system represents an effective way of connecting people. It capital-
izes collective knowledge, actively structures the organization and management,
and ensures the availability of relevant information where and when it is needed
while ensuring the company’s responsiveness and its communication with the
environment (markets, partners, etc.).
The objective of the information system is to allow the decision-maker to have
information that will enable them to decide a suitable action at the right time
(Dove, 1995; van Grembergen & De Haes, 2009a; Zhang & Sharifi, 2000).
There are various definitions related to the information system: an informa-
tion system consists, at least, of a person of a given psychological type who faces
a problem in an organized context for which he needs evidence to arrive at a solu-
tion, where a presentation method makes the proof available. It determines the
main variables of a MIS (Mason & Mitroff, 1973).
According to Dove (1995), Van Grembergen and De Haes (2009a), and Zhang
and Sharifi (2000), an Information system is an organized set of resources:
⦁⦁ People: users and developers,

⦁⦁ Data: knowledge and models,
⦁⦁ Equipment: computer machines and supports, and
⦁⦁ Software and procedures: data-processing programs, allowing to execute the
following functions: acquisition, processing, storage, and communication of
information in various forms in an organization.
Information systems are systematically defined as follows:

According to Dove (1995), a company information system can be perceived
as the company’s subsystem, hence a system that embraces all components with
informational-type interactions. The purpose of this database is to provide the
information necessary for the company’s operations at various levels.
Based on Bernard & Le Moigne (1978), an organization is defined as the com-
position of three types of systems as shown in Fig. 16.
The operating system responds to daily events, coming from the environment,
according to defined rules. It is responsible for transforming primary resources
or flows (Input Variables) of financial, personnel, material, or information types
into finished products or services (output variables).
The decision-making or piloting system allows the initiation of the decision-
making process while defining the objectives, the evaluation criteria, and the man-
agement rules in advance. It manages the company and stays focused on his goals.
The information system interconnects the two previous systems while acting
as a coupler. It is the party responsible for collecting, processing, storing, and
disseminating information. This can be seen as a representation of the operating
system’s activity and/or the control system. For this IT system view, the typology
of information systems is based on the primary purpose: information systems
supporting operations (transaction processing, industrial process control, etc.)
and MISs supporting management (assistance with report production, decision
support, etc.) (Dove, 1995; van Grembergen & De Haes, 2009a).
Decision-making
system
Representation of information Decision

information
to be information to
Decision information
memorized be memorized
Information Systems
Representation of information
Information
to be
memorized Information
saved
Operating System
Fig. 16. A Systemic View of an IS.
3.4 Concepts of Enterprise Application

An Enterprise Information System (EIS) can contain a multitude of computer appli-
cations. An enterprise application is a set of programs, or software, articulated between
them, and used to automate or assist information processing tasks in a particular area
within the company (Imache, Izza, & Ahmed-Nacer, 2012; Walls et al., 1992).
According to Hasselbring (2000), the main characteristics of an application are:
⦁⦁ The application components it contains, which represent the coherency of the

application’s sub-assemblies (modules or software).
⦁⦁ The application field(s) (context of use) defines either structurally (a workstation,
a department) or functionally (a management function: maintenance, orders).
⦁⦁ Functionality that refers to a set of tasks supported by the application.
⦁⦁ The data processing means the various forms of information used and pro-
duced by the application – the different human resources, software, and hard-
ware used by the application.
Fig. 17 presents a summary of these characteristics, using the UML notation.
3.5 Features of Enterprise Applications

The critical characteristics of enterprise applications are autonomy, distribution,
and heterogeneity (Hasselbring, 2000; Roman et al., 2005).
Enterprise
application
Resource
context
1
*
Human * *
Resources
Application Component Decomposes
Hardware
* *
manipulates
Resource provides Manipulation
Software * *
Functionality Data
Resources
Fig. 17. Concept of Application.
Distribution
Proxy servicess
common models, structures,

standards, wrappers
Heterogeneity
Fig. 18. Dimensions of Enterprise Applications.
The three attributes are mutually perpendicular to each other in the sense that they
constitute the application’s independent dimensions. Each of these characteristics can
create specific problems to make different applications work together. The objective
is to manage these dimensions in order to increase the capacity of applications. To
these three dimensions, some authors such as Hasselbring (2000) have added another
dimension called dynamism, because applications can evolve according to the evolu-
tions and changes that occur in place in their environment, as shown in Fig. 18.
3.6 Autonomy
An organizational application is autonomous, when it is possible to design and
execute it independently. In the context of databases, Hasselbring (2000) proposes
a classification of autonomy notion by defining several aspects of this concept:
⦁⦁ Design autonomy means that an application is independent of other

applications in its intrinsic design (its data model, its processing model, etc.).
⦁⦁ Autonomy of communication means that an application can locally choose
with which applications it can communicate.
⦁⦁ Runtime autonomy means the independence of the application to manage
interactions with its external environment. The level of autonomy depends on
the organizational changes implemented to this end.
3.7 Distribution
The second characteristic of enterprise applications is the distribution, which
refers to the fact that applications are often physically distributed over the enter-
prise network. This is achieved by distributing the data and/or processing in such
a way that specific data and/or processing in the information system can be imple-
mented at the local level.
Among the techniques most often used to enable application, distribution is based
on the implementation of middleware such as CORBA (Group, 1997), Java/RMI
(Newcomer, 2002; Vaughan-Nichols, 2002), and MOM (Hohpe & Woolf, 2004).
3.8 Heterogeneity
The heterogeneity is an aspect inherent in the fact that enterprise applications can
be developed and deployed independently and according to different approaches
and methodologies. There are several reasons why heterogeneity can occur at dif-
ferent levels, and three primary levels of heterogeneity can be distinguished (Wie-
derhold, 1992):
⦁⦁ Technological heterogeneity which corresponds to the differences present in

the necessary hardware and software used.
⦁⦁ Heterogeneity at the hardware level includes differences related to computers
and networks used.
⦁⦁ Basic software heterogeneity (platform heterogeneity) includes differences
associated with operating systems, database management systems, execution
platforms, etc.
⦁⦁ Syntactic heterogeneity refers to the differences in data formats and applica-
tion interfaces, the signature of functions that can be resolved by syntactic
transformations.
This heterogeneity expresses the fact that the symbolic name of a concept can
be interpreted differently according to the applications considered. These seman-
tic conflicts occur mainly when (1) the same symbolic name covers different
concepts (in this case homonymy) or (2) several symbolic names cover the same
concept (and in this case synonymy).
Semantic problems are a fact in any company. Also, it becomes vital that these con-
flicts are identified and resolved as soon as possible, preferably during the upstream
phases of the project. Many authors (Hasselbring, 2000; Roman et al., 2005) admit
that the heterogeneity of applications is the real challenge in the field of integration.
3.9 Dynamism
The dynamism of enterprise applications is another feature introduced by Sarkis
(2001). Indeed, as current information systems are open and exposed to frequent
changes in response to strategic, commercial, or technological changes affecting the
company, the applications of these systems should evolve dynamically to cope with
these changes. Dynamism is a dimension that generally manifested in two ways:
⦁⦁ The first aspect concerns the dynamism in the behavior that an application can
display autonomously according to its internal configuration.
⦁⦁ The second aspect concerns the changes that can occur within the application
components of an application, such as the modification of specific compo-
nents, the arrival of new components, the deletion of specific components
considered obsolete, and the temporary lack of some components and the
substitution of some components.
3.10 EIS and Company Strategy

The information system must be and remain an element that enables the company
to carry out and succeed in its strategy while respecting the security, integrity,
accuracy, and traceability of data and information. Thus, to make the IS a strate-
gic tool for achieving its strategy, it must be adequately supported by a backbone
that corresponds to this strategy. Before explaining the relationship between the
information system and the company’s strategy, we begin by defining the notion
of strategy and alignment:
– What is an information system strategy?

– An information system strategy should define a target information system, its pri-
orities, steps, and means necessary for its implementation, as shown in Fig. 19.
What company know

What company can do?
to do ?
Strategy
Objectives
+
Orientation
+
Resources
Fig. 19. What is the Strategy?
What is the organizational strategy? Elaborating on the company’s strategy

means choosing the areas of activity, in which the company intends to be present
and allocating resources to maintain and develop in them. The strategy is divided
into two levels: the group strategy that determines the company’s business areas
and the competitive strategy that is implemented in each of these business areas
(Bruce, 1998; Conboy & Fitzgerald, 2004; Imache et al., 2012; Sharifi & Zhang,
1999).
– What does IS strategic alignment mean? The expression “strategic IT align-
ment” means first that the IT corresponds to the company’s strategy and that
it provides the company’s employees with the tools and means necessary for its
implementation.
According to Goldman and Nagel (1993), IT alignment is a managerial prac-
tice that aims to understand better, create, and strengthen the convergences and
synchronizations of the information system with the company’s objectives, tra-
jectories, rhythms, and operations. Also, according to Anthony Byrd, Lewis, and
Bryan (2006), strategic alignment is an approach to aligning the information
system strategy with the company’s business strategy(s). The objective of this
approach is to reinforce the use value of the information system and to make it
an advantage for the company.
– What does IS strategic alignment mean? The expression “strategic IT align-
ment” means first of all that the IT corresponds to the company’s strategy and
that it provides the company’s employees with the tools and means necessary for
its implementation.
According to Goldman and Nagel (1993), IT alignment is a managerial
practice that aims to understand better, create, and strengthen the conver-
gences and synchronizations of the information system with the company’s
objectives, trajectories, rhythms, and operations. According to Anthony Byrd
et al. (2006), a strategic alignment is an approach to aligning the information
system strategy with the company’s business strategy(s). This approach aims
to reinforce the use-value of the information system and make it an advantage
for the company.
The fundamental challenge of strategic alignment is to make the information
system an asset in the service of the company’s strategy. The information system
creates value and is a source of competitive advantage, provided that it is aligned
with business needs through strategic alignment. The notion of strategic align-
ment is not specific to the information system: all the company’s businesses and
functions must be aligned with the company’s strategy.
The relationship between the IS and strategy is described by IS ability to
draw strategy’s consequences (Xiaoying, Qianqian, & Dezhi, 2008). However,
for this to work, the strategy must be explicit. It is not enough to define an IS
to say that you would like to do something: you have to specify how you intend
to do it. It should be noted that reflection on the IS contributes to the quality
of strategic expression, and this results in initial feedback from the IS on the
strategy itself.
That we have defined, implemented, and aligned the IS with the strategy,
including feedback. The process does not stop there, because the implementation
of the IS often opens up strategic opportunities for the company that did not
exist before. It then appears that the IS, first placed at the service of an existing
positioning, then modifies the scope of what is possible and opens the prospect
of a new positioning for managers. The IS has become a new type of asset, and
information asset that the company can value under the same profitability con-
straint as its other assets.
An information system is generally considered a simple support resource for
strategy, whereas it can be a strategic weapon capable of giving a sustainable
competitive advantage to the organization successfully exploiting it (Kumar &
Stylianou, 2014; Swafford, Ghosh, & Murthy, 2008).
3.11 Enterprise Information Systems’ Complexity

Over the past 70 years, information technologies have rapidly evolved and revo-
lutionized the company’s tools (high-level programming languages, databases,
integrated software packages, Internet, BigData; AI, etc.). However, decision-
makers have difficulty in obtaining appropriate information that will facilitate
their decision-making, which remains a challenge.
The rapid evolution of the IT infrastructure leads to the creation of “layers”
in the IS that make it complicated and rigid by making interventions to develop
it costly and risky. The complexity of information systems reduces their flexibil-
ity when flexibility, adaptability, interoperability, and agility are essential for the
company’s survival. The complexity complicates monitoring progress and build-
ing qualified teams, which requires extensive outsourcing and increases the dif-
ficulty of overall control (Goldman & Nagel, 1993).
3.12 Complexity Factors

Information systems’ complexity is due to three factors: heterogeneity, auton-
omy, and development, which make it challenging to model and define the engi-
neering methods of the information systems. The purpose is to manage these
characteristics to increase the individual and collective capacity of the different
EIS parts.
Heterogeneity: It is related to the multiplicity and diversity of the models
used: various models from different points of view, different levels of abstraction
(conceptual, physical, etc.), types of abstraction (data, transactions, etc.), usage
categories (managers, users, etc.), domains (study, production, finance, etc.), etc.
(Arteta & Giachetti, 2004).
Autonomy: A system is autonomous when it is disconnected and independ-
ent of other systems. Autonomy is driven by the fact that an information
system is never isolated; it is embedded in its environment and consequently
into another system with which it interacts through interfaces, technical
devices, temporal or factual events, etc. This environment limits an IS’s auton-
omy (time, material, human, financial resource constraints, etc.) (Arteta &
Giachetti, 2004).
Evolution and dynamism: Evolution and dynamism constitute the “vital” aspect
of an IS. The information system is scalable in response to changes in its environment
(strategic, business or technological changes that the company is undergoing)

(Goldman & Nagel, 1993; Peterson, 2001; Singh, Huhns, & Huhns, 2005).
Also, information system complexity increases with the heterogeneity and evo-
lution of its elements and decreases with its autonomy (Goldman & Nagel, 1993).
3.13 Evolution of EISs

Since 1960, the evolution of computer science has seen a significant expansion in
computer program concepts.
Gradually, the concept of the information system was developed by extending
a computer system concept through the translation of the strategic and organi-
zational dimensions (Drucker, 1995; Keen, 1978; Mintzberg, 1973; Wiederhold,
1992). In the late 1980s and early 1990s, CIOs faced a situation where it was impos-
sible to develop the system without rebuilding it. This context has led to high com-
plexity, delays, and costs (Pinsonneault & Rivard, 1998; Willcocks, 2013).
During the 1990s, a logic of autonomy also emerged (Zviran, 1990). A com-
pany is composed of several subsystems with customer/supplier interactions —
these developments are enriching the information system with a considerable
number of programs. Certain organizations then have an IS composed by a stack
of applications. Evolutionary pressures often imposed on IS weaken it by the lack
of a coherent infrastructure (Robson, 1998).
Early in the 2000s, information systems became increasingly complex through
outsourcing and the emergence of fusions (West, Jr & Hess, 2002). This has com-
plicated the management and monitoring of EIS’s evolution, mainly through
inter-organizational integration, which has led to the emergence of the agility
concept to address this need (West, Jr & Hess, 2002).
Also, the consequences of IT extend beyond the company’s borders, which
requires redefining the network of relationships with partners, suppliers, cus-
tomers, subcontractors, etc. to ensure inter-organizational integration that will
improve its exchanges through the network.
IT affects the selection parameters of internal and external coordination struc-
tures. In particular, their use reduces communications’ time and costs, and pro-
duction costs. Generally, the impact depends mainly on the structure of the value
chain and the characteristics of the business:
⦁⦁ Extension of the market’s role in externalization: the existence of common

databases encourages supplier searches and the decision to outsource.
⦁⦁ Company-internal solution: coordination within the company and possibly
synergy allowing the production of services and/or products at a competitive
cost.
Information technologies facilitate internal and external communication

and, therefore, coordination internally and externally, regardless of the distance
between the partners (Sharifi & Zhang, 1999; Zhang & Sharifi, 2000).
Industry 4.0 was created in Germany around 2012 and is being exhibited to
the general public by the Association of German Manufacturers of Production
Machinery and Equipment. It is the digitization of industry in the broadest sense

of the word. Digital technology is being integrated into product design and also
into the associated means of production. The author states from the outset that
this concept:
also integrates physical assets (machines, equipment, etc.), optimized

and connected and keeping a constant link with the products they
manufacture, in order to adapt in real-time to variations in customer
demands and to respond to changes in end-consumer demand: mass-
produced but customized products, meeting their exact needs, offer-
ing a higher level of quality and giving rise to new services.
It is easy to conclude that there are many components to enable the manufac-
turing company to be digitized from one end to the other.
Robotics are therefore used for manufacturing activities, but also sometimes
elsewhere. The Internet of Things (IoT) is also in place to ensure communication
between heterogeneous objects.
The company may also have an ERP System and a CRM to manage customer
relations.
Dashboards are set up to allow the company to monitor its main KPIs (Key
Performance Indicators) constantly.
We also talk about mobility. Mobile devices are used in many of the company’s
processes.
The use of cloud-hosted services is also required for several activities. Gone are
the days when the company had to have an infrastructure with several local servers.
The flexibility brought to new digital technologies allows us to put the cus-
tomer back at the heart of the information system. It is a form of return to crafts-
manship thanks to p ersonalized services, combined with lower costs and
quality made possible by automation. The whole relationship between the indus-
try and its ecosystem is rethought. The digital factory thus makes it possible to
imagine new products collaboratively thanks to new processes and materials in a
close relationship with customers and suppliers. It also links R&D and design,
operators, and support services.
Company information systems thus benefit from rapid implementation, low
costs, and better information circulation at all levels of the company. Specific
products can be manufactured and customized much more efficiently than mass
production. Machines, products, and systems can be configured, optimized, and
controlled independently of each other. Small Medium Enterprises (SMEs) can
thus break free from the limitations of a small factory by taking advantage of
processes and material flows more quickly and efficiently.
3.14 EIS Governance

Governance, whatever the level at which it operates (management control, project
portfolio, data administration, COBIT alignment, Capability Maturity Model Inte-
gration (CMMI), IT Service Management (ITSM) by ITIL, etc.) must be situated
with a trajectory of the evolution of the information system toward its progres-
sive overhaul. The renovation of information systems tends toward the addition of
devices that promote agility. It is necessary to be able to modify systems more quickly
and more reliably in order to take into account business and technical developments
(Valentine, 2016).
To achieve quality objectives and ensure the continuous improvement of the
enterprise information system, the company must be managed according to a
governance framework based on a set of good practices and standards combined
with agile practices.
A comprehensive enterprise information system program should include IT
governance. IT governance is the primary means by which stakeholders can
ensure that IT investments create business value and contribute to the achieve-
ment of business objectives. This strategic alignment of IT with business is both
challenging and essential. IT governance programs go further and aim to improve
IT performance and deliver optimal business value while meeting regulatory com-
pliance requirements (Benaroch & Chernobai, 2017).
While the CIO is generally responsible for the implementation of IT govern-
ance, the CEO and Board of Directors must receive reports and updates to fulfil
their IT governance responsibilities and to ensure that the program is working
well and delivering business benefits (Turel & Bart, 2014).
In recent decades, board members have generally not been involved in oversee-
ing IT governance. Computer science was a mysterious and frightening art, and
they did not want to dive in and get shot down by a smart-alec technology genius.
However, today, it is a critical and inevitable responsibility, and frameworks have
been put in place to manage IT efforts.
Several IT governance frameworks can guide the implementation of an IT
governance program. Although frameworks and guidelines such as CobiT, ITIL,
ValIT, and ISO 38500 (Simonsson & Johnson, 2006) have widely adopted, there
is no comprehensive standard IT governance framework; the combination that
works best for an organization depends on business factors, corporate culture, IT
maturity, and staffing capacity. The level of implementation of these frameworks
will also vary by organization.
IT governance is a relatively new term, first coming into general use in the late
1990s (Hansen-Magnusson, 2010). Until about 2009, definitions of IT governance
tended to primarily focus on creating the right settings for the effective internal
management of technological infrastructure and IT department (Ali & Green,
2012; Weill & Ross, 2004; Xue, Liang, & Boulton, 2008). IT departments were
expected to deal with a multitude of different issues, including rapid technological
change over a brief period. “Boards needed little or no understanding of technical
issues because the technology was simply a tool to implement a strategy” (Carter
& Lorsch, 2004). Thus the role of IT governance originally had an internal and
primarily operational focus. From around 2003, however, a growing range of
scholars began to consider IT governance as deserving board attention (Cater-
Steel, 2009). Perhaps awareness of the need to distinguish between governance
and management arose because “new technologies are themselves creating strate-
gic choice for businesses worldwide” (Carter & Lorsch, 2004). Others brought the
integration of corporate governance and ITG closer, suggesting IT governance

involving boards needed to be integral to overall enterprise or corporate govern-
ance (De Haes & Van Grembergen, 2013).
Every company or organization is structured around its missions to achieve
the objectives it has set itself. Its activity defines its orientations. It gathers and
coordinates a set of means to carry them out and defines itself as a system:
that is to say, as a set of interacting elements, grouped within a piloted

structure, having a communication system to facilitate the circulation
of information, to respond to needs and achieve specific objectives.
Some researchers have sought to develop a more comprehensive ITG frame-

work by combining a variety of existing definitions and approaches. In general,
frameworks designate the structure of a set of objects within a given domain,
besides describing the relationships among those objects (Brown, Grant, &
Sprott, 2005). The organizing effect of frameworks is especially useful during
the early stages of research in a domain in delineating a research area, provid-
ing a foundation for the description of knowledge, and uncovering or highlight-
ing opportunities for more specific theory development and testing within the
domain in question (Dibbern, Goles, Hirschheim, & Jayatilaka, 2004).
Having uncovered some of the IT governance concepts and challenges, includ-
ing the lack of a mutually agreed definition of IT governance, it is now useful to
discuss the mechanisms that lead to realizing the anticipated benefits of IT gov-
ernance. In general, IT governance can be deployed using a mixture of structures,
processes, and relational mechanisms (Ali & Green, 2012; Weill & Ross, 2004).
By integrating the work of (Brown et al., 2005; Cadete & da Silva, 2017; Heeks,
Foster, & Nugroho, 2014; Van Grembergen, 2004; Weill & Ross, 2004) developed
a conceptual model that describes a comprehensive view of the core elements
of IT governance as depicted in Fig. 20. The model is considered well matured
as it covers the contingency, multidimensionality, and dynamic nature of IT
governance in addition to incorporating the significant elements (structure and
processes) and the four objectives (IT value delivery, strategic alignment, perfor-
mance, and risk management) that drive IT governance (Grant, Brown, Uruthi-
rapathy, Mcknight, & Grant, 2007).
Similarly, each dimension of the model (structures, processes, and relational
mechanisms) consists of the necessary mechanisms for the implementation of
IT governance, as presented in Table 2 (van Grembergen & De Haes, 2009b).
Even though several mechanisms exist within this model, the decision on what to
implement is influenced by the context and contingencies within the organization
and the interacting environment (Nfuka & Rusu, 2011).
In recent years, many organizations have undertaken a process of implementing
IT governance mechanisms based on a single IT governance framework or a com-
bination of frameworks. In general, frameworks can be categorized into groups,
namely: business-oriented frameworks, such as the Committee of Sponsoring
Organizations of the Treadway Commission (COSO), technology-focused frame-
works (e.g., ITIL), and frameworks that aim at aligning business and technology
Configuration External Influence

Organizational
Competitive
Economic
Political
Levels
Rights
Structures Legal Regulatory
Socio-Cultural
Technological
Environmental
Accountability
Direction
Setting
Management
Performance
Transformation
Management
Process
Relational Control and Timing

Mechanism Compliance
Market Maturity
Fig. 20. Extended IT Governance Model.
goals (e.g., COBIT) (Warland & Ridley, 2005). Predominantly, IT governance

frameworks enable executives and practitioners alike to make decisions, direct as
well as evaluate and monitor governance-related activities using a standard and
unified approach. Adopting appropriate IT governance frameworks assists execu-
tives in better understanding the critical role they play in governing IT (Marrone &
Kolbe, 2011). For instance, executives’ commitment, strategic objectives, and
resource allocation influence the adoption and selection of a particular framework
(Benaroch & Chernobai, 2017; Murphy, Lyytinen, & Somers, 2018). From an evalu-
ation perspective, many organizations use frameworks or integrate multiple govern-
ance frameworks to improve their compliance with specific regulatory requirements
(i.e., Sarbanes-Oxley (SOX)), while also enhancing the internal controls environ-
ments (Nianxin Wang, Yajiong Xue, Huigang Liang, & Shilun Ge, 2011).
Some of the general frameworks within the IT governance sphere include COSO,
ITIL, ISO 38500, and COBIT (Brown, Grant, & Sprott, 2005). The ISO standard
addresses the corporate governance of IT and is concerned with governing man-
agement processes and decision-making. On the other hand, ITIL is a framework
that focuses mainly on IT service management, which enables IT departments to
apply strong systematic execution of operations with stringent controls (Marrone,
Gacenga, Cater-Steel, & Kolbe, 2014). COBIT is generally accepted as a standard
and as a common framework for IT governance that, in comparison with COSO,
provides more guidance regarding control over IT (Dahlberg & Kivijärvi, 2006;
De Haes, Van Grembergen, & Debreceny, 2013; Oliver & Lainhart, 2012).
Table 2. The Dimension of the IT Governance Model.
Dimension Definition
Structures This dimension is concerned with the planning and
organizational elements outlined in the high-level governance
strategy of organizations. Four main governance structures are
included, namely: rights, accountability, configuration,
and levels
Processes Processes refer to the tools used for the control and evaluation
of IT governance. There are eight core elements in the processes
dimension, as displayed in Fig. 20, that organizations should
enact for effective IT governance. Processes are fundamental
elements of IT governance frameworks
Relational Relational mechanisms refer to the internal and external
mechanisms relationship management required to ensure the successful
implementation of IT governance. Three relational mechanisms
are identified, namely: network, hierarchy, and market
Timing The timing dimension addresses the temporal aspects associated
with IT governance implementation, namely: maturity, life cycle,
and rate of change
External Different external influences shape the mix of mechanisms
influences used by organizations and should be taken into consideration
when implementing IT governance. The external influences
include organizational, competitive, economic, political, legal or
regulatory, sociocultural, technological, and environmental factors
Despite their established usefulness, Otto (2010) suggests that IT governance

frameworks cannot be considered merely off-the-shelf solutions. They cannot be
implemented without any customization due to factors such as organizational
structure, business objectives, and company size (Raghupathi, 2007). Highlight an
urgent need for IT governance models and frameworks that can be expanded and
transformed from generic frameworks into something more relevant and applica-
ble to businesses and organizations. The COBIT framework (Neto, CGEIT, Asses-
sor, & de Luca Ribeiro, 2014) states that frameworks, best practices, and standards
are useful only if they are adopted and adapted effectively. Accordingly, Dahlberg
and Lahdelma (2007), Simonsson and Johnson (2006), and Webb, Pollard, and
Ridley (2006) draw attention to the very little academic research that guides how
to turn theories on IT governance frameworks and structures into practice.
No real framework thoroughly covers IT governance. From standards, the
information system is approached according to very different facets: production
service and management (Library for IT Infrastructure – ITIL), project develop-
ment and organization (Integrated Maturity Level Model – CMMI, Guide to the
body of knowledge – ITIL), project management (ITIL), project management
(ITIL), and project management (ITIL).
In project management PMBOK, technology and process management

(Information control objectives and associated technologies – CobiT and ISO
38500), security (ISO 27000).
Each standard tends to extend its field of competence so that it may overlap or
duplicate each other. Therefore, the key is integration and adaptation by choos-
ing to build an effective approach and implementing some parts of the standards
rather than having the goal of implementing everything (van Grembergen & De
Haes, 2009b). Defines the governance objectives through three questions: How
are decisions made? About the information system? How to improve and gain
acceptance of the making of these decisions? How to ensure that these decisions
will be made implementations appropriately? Thus, the implementation of gov-
ernance must allow the ascent of understandable performance indicators used by
management to assess the proper functioning of IT services, in response to the
strategic business needs (Beloglazov, Banerjee, Hartman, & Buyya, 2014). The
most common IT governance standards are presented below.
3.14.1 COBIT
The Information Systems’ Audit and Control Association (ISACA) and the ITGI
have founded COBIT in 1992. The first edition of COBIT was published in 1996,
and the fifth and latest edition was published in April 2012. The framework has
grown to be, and still is, one of the most significant global frameworks for IT
governance (Omari, Barnes, & Pitman, 2012). COBIT was initially built as an IT
audit guideline (ISACA, 2012), because the framework contained a comprehen-
sive set of guidelines to improve audit and compliance, provided detailed guid-
ance on governance practices, and offered auditors several customized checklists
for various aspects of controls assessment (Hiererra, 2012). These aspects make
COBIT a perfect framework for establishing control over IT, facilitating perfor-
mance measurement of IT processes, and allowing executives to bridge the gap
between control requirements, technical issues, and business risks (Brustbauer,
2016). Also, COBIT has significant business value in terms of increased com-
pliance, corporate risk reduction, and proper accountability, and is proven to
be a useful tool to establish a baseline for process maturity (Wang et al., 2011).
Moreover, the framework is growing to be universally applicable due to its full
implementation as an IT governance framework (Ribeiro & Gomes, 2009; van
Grembergen & de Haes, 2009).
From an IT governance perspective, the primary objective of COBIT is to
enable value creation through ensuring benefits are realized, risk reduced, and
resources optimized. It is also proclaimed to provide business stakeholders with
an IT governance model that improves the management of risks associated with
IT and leverages a top-down structure to ensure systematic management of
the detailed processes to achieve proper IT governance (Von Solms, 2005). The
COBIT framework is considered to be a generic, comprehensive, independent,
and large body of knowledge designed to measure the maturity of IT processes
within organizations of all sizes, whether commercial, not-for-profit, or in the
public sector (Elhasnaoui, Medromi, Chakir, & Sayouti, 2015; Wang et al., 2011).
The COBIT framework has been steadily achieving worldwide recognition

as the most effective and reliable tool for the implementation and audit of IT
governance, as well as for assessing IT capability. It is regarded as the leading
standard to adopt for organizations striving to comply with regulations such as
SOX in the United States. It is also considered a trusted standard that has been
adopted globally, as it provides extensive sets of predefined processes that can be
continually revised and customized to support different organizational objectives.
Whether for private or public industries, governments, or accounting and audit-
ing firms (Cadete & da Silva, 2017; Guldentops, 2002; Maes, De Haes, & Van
Grembergen, 2013; van Grembergen & De Haes, 2009a; Warland & Ridley, 2005;
Wood, 2010), COBIT is viewed as an exhaustive framework that encompasses a
complete lifecycle of IT investment (De Haes et al., 2013) and supplies IT metrics
to measure the achievement of goals (Williams, Hardy, & Holgate, 2013).
It is also defined as the best framework to balance organizational IT goals,
business objectives, and risks (Warland & Ridley, 2005). This is achieved by mak-
ing use of (Kaplan, Kaplan, Norton, & Norton, 1996) Balanced Scorecard (BSC)
dimensions – Financial, Customer, Internal; and Learning and Growth – to intro-
duce a goals cascade mechanism that translates and links stakeholders’ needs to
specific enterprise goals, IT-related goals, and enabler goals (COBIT processes). A
set of 17 enterprise goals has been developed and mapped to 17 IT-related goals
and sequentially to the COBIT processes (ISACA, 2012). In addition to providing
a set of IT governance processes, COBIT also facilitates the appropriate imple-
mentation and effective management of these processes through establishing clear
roles and responsibilities using a detailed Responsible, Accountable, Consulted,
and Informed (RACI) matrix (Simonsson, Johnson, & Wijkström, 2007).
The fifth version of COBIT is built on five basic principles: Meeting Stake-
holder Needs, Covering the Enterprise End-to-End, Applying a Single, Integrated
Framework, Enabling a Holistic Approach, and Separating Governance from
Management. Further, the COBIT 5 Process Reference Model (PRM) divides IT
into five domains:
⦁⦁ Evaluate, Direct, and Monitor (EDM);

⦁⦁ Align, Plan, and Organize (APO);
⦁⦁ Build, Acquire, and Implement (BAI);
⦁⦁ Deliver, Service, and Support (DSS); and
⦁⦁ Monitor, Evaluate, and Assess (MEA)
The COBIT 5 domains are broken into 37 high-level IT processes, and over
300 detailed IT controls covering aspects of IT management and governance
(ISACA, 2012). Another distinctive feature within COBIT lies in its ability to
identify seven categories of enablers (or factors):
⦁⦁ principles, policies, and frameworks;

⦁⦁ processes;
⦁⦁ organizational structures;
⦁⦁ culture, ethics, and behavior;
⦁⦁ information;
⦁⦁ services, infrastructure, and applications; and
⦁⦁ availability.
Thus, it is considered the most appropriate framework to facilitate the align-

ment between business and IT goals (Oliver & Lainhart, 2012).
COBIT 5 transformed into a more business-oriented framework by establish-
ing one integrated framework that consisted of different models (e.g., Val IT and
Risk IT). This amalgamation was mainly due to the recognized need to provide
a comprehensive basis for options, not only for users and auditors but also for
senior managers and business process owners in order to cover all aspects of busi-
ness and functional IT responsibilities leading to effective IT governance and
management outcomes. Moreover, COBIT 5 has been aligned with the ISO/IEC
15504 Process Capability Model (PCM) (ISACA, 2012). From an IT governance
evaluation perspective, the shift from the Capability Maturity Model (CMM), or
the more recent CMMI, developed by the Software Engineering Institute (SEI)
to the new PCM has revolutionized COBIT, giving it a cutting edge in assessing
capability at the process level instead of assessing maturity at the enterprise level
(ITGI, 2007). This new approach is more consistent and repeatable, but it is also
verifiable and can demonstrate traceability against objective evidence gathered
during the evaluation process (Basson, Walker, McBride, & Oakley, 2012). The
PCM has been used extensively by financial institutions in Europe to conduct
internal controls audits to assess the need for improvement. It adds to the advan-
tages organizations should expect from implementing COBIT as the partnership
between the framework and the PCM delivers a measurement scale to quanti-
tatively evaluate the existence, adequacy, effectiveness, and compatibility of IT
governance processes.
Recently, COBIT 2019 was published in November 2018. It contains several
new, amended, and updated elements (Steuperaert, 2019).
Practical information and technology governance is essential to the business
success of any organization. This new version further cements COBIT’s contin-
ued role as an essential driver of business innovation and transformation.
COBIT 2019 (De Haes, Van Grembergen, Joshi, & Huygh, 2020) is an evolu-
tion of the previous version of ISACA’s governance framework. Building on the
foundation of COBIT 5, it incorporates the latest developments affecting busi-
ness information and technology.
COBIT 2019 offers greater flexibility and openness to improve the timeliness
of COBIT. Below are reflections on the significant changes brought by COBIT
2019:
⦁⦁ The introduction of new concepts such as focus areas and design factors allows
the company to propose good practices to adopt a governance system to its needs.
⦁⦁ Updating the alignment with standards, frameworks, and best practices
improve the relevance of COBIT.
⦁⦁ An open-source model will allow the global governance community to con-
tribute to future updates by providing feedback, sharing applications, and
proposing improvements to the framework and derivatives in real-time. In this

way, new COBIT developments can be published on a cyclical basis.
⦁⦁ New guidelines and tools support the development of an optimal governance
system. It makes COBIT 2019 more prescriptive.
⦁⦁ COBIT 2019 reference model with now 40 governance management objectives
(processes) instead of 37 processes in COBIT 5.
⦁⦁ Enabler Guidance: has been removed to simplify COBIT.
⦁⦁ The COBIT Principles for the Governance System and the Governance Frame-
work have been renamed and changed.
⦁⦁ The IT Related Goals have been renamed to Alignment Goals.
⦁⦁ The process guide is now structured in “Governance / Management Goals,”
the process guide being (only) part of it, supplemented by other governance
components.
COBIT 2019 introduces three new governance and management objectives:
⦁⦁ APO14 - Managed Data;

⦁⦁ BAI11 - Managed Projects; and
⦁⦁ MEA04 - Managed Assurance.
COBIT 2019 now explicitly integrates DevOps. DevOps illustrates both a

component variant and a focus area. It is a current topic in the market and cer-
tainly requires specific guidance.
DevOps includes several generic governance and management objectives of
the central COBIT model, as well as many process variants and organizational
structures related to development, operations, and monitoring. DevOps also
requires establishing a specific culture and attitude of openness, sharing of skills,
and taking teams out of their comfort zone. Similarly, DevOps requires a certain
level of automation (services, infrastructure, and applications). DevOps is an area
of interest, prioritized among the first and under development.
A focus area describes a governance topic, area, or problem that can
be addressed by a set of governance and management objectives and their
components.
Focus areas may contain a combination of generic governance components
and variants.
The four areas of interest currently prioritized and in the process of being
published are:
⦁⦁ small and medium enterprises;

⦁⦁ cybersecurity;
⦁⦁ risks; and
⦁⦁ DevOps.
The number of areas of interest is practically unlimited. That is what makes

COBIT open. The addition of new areas of interest will occur at the request or
with the input of experts and practitioners.
3.14.2 LIBRARY (ITIL)

ITIL is a framework of best practices, based on a process-based approach, with
the objective to improve the delivery of high quality IT services at a low cost.
Before its creation, agencies and private sector contractors were independently
creating their own IT management practices and duplicating efforts. The con-
tent of ITIL is independent of tools, vendors, or industry in which the service
is executed, and can be applied to organizations of any size. However, it is not
intended to be applied as-is; organizations are motivated to adapt it to meet their
own business needs.
According to ITIL, service management is a set of specialized organizational
capabilities for providing value to customers in the form of services. The act of
transforming resources into valuable services is at the core of service manage-
ment. Without these capabilities, a service organization is merely a bundle of
resources that by itself has relatively low intrinsic value for customers. However,
ITIL considers service management as more than just a set of capabilities. It is
also a professional practice supported by an extensive body of knowledge, experi-
ence, and skills.
ITIL also defines the distinction between functions and processes. Functions
are specialized organizations with certain types of work and responsible for spe-
cific outcomes. Such organizations are self-contained, with all the necessary capa-
bilities and resources available for their performance and outcomes. For example,
the Service Desk is a function of the role to be the primary point of contact
for customers when there is a service disruption. Processes, on the other hand,
can be assumed as closed-loop systems, providing changes and transformations
toward a specific goal and using feedback for self-reinforcing and self-corrective
actions. Processes are measurable, have specific results delivered to customers, and
respond to specific events. For example, Event Management is a process respon-
sible for monitoring all the events that occurred throughout the IT infrastructure.
Up to version 2, the ITIL focus was on processes, but since its version 3, the
focus changed to business value. This change occurred as an attempt to strengthen
the relationship between the organization’s business needs and operational IT
processes. Version 3 also recognizes the value and applicability of other stand-
ards, such as COBIT and CMMI. The ITIL v3 structure is composed of two com-
ponents: the ITIL Core, which provides best practices applicable to organizations
of all sizes and types; and the ITIL Complementary Guidance, which comprises
a complementary set of publications with guidance specific to industry sectors,
operating models, and technology architectures.
The focus on Change Management Advisory Boards (CABs) in previous ITIL
versions has led to a misperception of ITIL as not being agile or hindering rapid
deployment. However, ITIL was never designed to be implemented in such a way
that the IT department would evaluate or fine-tune all changes.
To reinforce this and help organizations develop flexible service management
strategies, ITIL 4 now incorporates agile and DevOps practices into the frame-
work. ITIL 4 encourages collaboration and communication within the organiza-
tion and guides how to implement change quickly (Woo, Lee, Huh, & Jeong, 2020).
3.14.3 Structure of ITIL v4

ITIL 4 comprises the following subdivisions:
⦁⦁ key concepts(key concepts) of service management;

⦁⦁ the four dimensions of service management;
⦁⦁ service Value System (SVS); and
⦁⦁ management Practices.
Below is a brief explanation for each of these four subdivisions.
⦁⦁ Key concepts: value, cocreation, and outcomes
ITIL Foundation introduces some key concepts that are important for a good
understanding of the framework. These concepts include standard terms such
as service providers, stakeholders, and risks. Nevertheless, new concepts are also
emerging.
ITIL 4 does not focus on service delivery, as was the case in version 3, but
rather on value creation. It is not up to the service provider alone to provide
this value. Instead, it is a co-creation, the result of a partnership with the cus-
tomer. This version does not aim at respecting processes, but rather at pursu-
ing objectives: outcomes and improved customer experience as one of the main
objectives.
⦁⦁ The four dimensions of service management
Where v3 focused primarily on how the 26 IT processes can be arranged, ITIL

4 goes further. The new version’s spirit also involves taking into account the four
dimensions of service management for each service designed or delivered:
⦁⦁ organizations and individuals;

⦁⦁ information technology;
⦁⦁ partners and suppliers; and
⦁⦁ value flows and processes.
⦁⦁ Service Value System and Service Value Chain
With a value-oriented perspective, we will no longer speak of “process mod-

els” but instead of “value systems” or “value chains.”
The value chain (ITIL Service Value Chain, SVC) is an overview of all the
activities you can do to generate value. These activities are Plan, Improve, Engage,
Design, and Transition, Obtain/build, Deliver, and support. It is unnecessary to
perform all these activities for each service, and there is no set order. Fixing a bug
and replacing a server farm involve different activities.
This value chain (SVC) is part of a more extensive value system (Service Value
System, SVS). ITIL SVS describes all the factors that influence the value chain.
These are referred to as guiding principles, governance, and the improvements
that the organization performs.
⦁⦁ The guiding principles
The guiding principles, introduced in ITIL Practitioner, take on a prominent

role in version 4. The nine Practitioner Principles have been revised to seven
principles:
⦁⦁ Focus on Value: everything the organization does must, in some way, provide
value to customers or other stakeholders.
⦁⦁ Start Where You Are: when an organization wants to improve something, it
should not eliminate all current methods, but should keep the good things and
change what does not work.
⦁⦁ Progress Iteratively With Feedback: The organization should implement
improvement processes in small steps, even if they are large projects. Immedi-
ately evaluate each step and start over where necessary.
⦁⦁ Collaborate and Promote Visibility: The organization must work closely with
other parties such as customers and suppliers to promote its visibility.
⦁⦁ Think and work Holistically: Do not think of the IT organization as an island,
but as part of a network where the sum of all parts creates value for customers.
⦁⦁ Keep it Simple and Practical: The organization must ensure that its work and
processes remain as simple as possible and remove any steps that do not pro-
vide value.
⦁⦁ Optimize and Automate: Whenever possible, optimize or automate tasks,
unless it means higher costs or a poorer customer experience.
⦁⦁ The underlying ITIL Service Management processes remain – but are now
called “practices.”
⦁⦁ The underlying processes from Release 3, such as Incident Management, Service
Level Management, and Capacity Management, remain fundamentally unchanged.
However, the 26 processes of v3 are replaced by the 34 practices of ITIL 4.
Why practices? Because ITIL 4 not only describes how a process works, but also,
for example, for each of the practices, looks in more detail at the skills the team needs,
how they can work with the suppliers and the technology that can be used to do this.
⦁⦁ One Response to Agile, Lean, and DevOps?
ITIL itself has become more agile. This can be seen mainly in the seven guid-
ing principles. The emphasis on value generation, improvement in small steps, the
importance of process simplicity, etc., is all part of this. There is a clear percep-
tion of agile thinking. These agile ITIL guidelines also facilitate collaboration
with agile teams. To demonstrate that version 4 is adapted to the agile philosophy,
Axelos recently published a case study of Spotify, which is known to be one of
the most agile companies.
However, this version does not provide a complete answer to the agile, lean and
DevOps aspects. Admittedly, Foundation mentions the terms agile and DevOps.
There are few concrete solutions on the possibilities of combining ITIL with
more agile methods. Example: how should a helpdesk that has to comply with
strict service level agreements collaborate with an agile back office team? How do
IT Ops and DevOps work best together?
3.14.4 CMMI
The CMMI is a model for assessing the level of maturity of an organization’s
systems, product and/or software development. Its objective is to control engi-
neering processes and consequently, the quality of the products and services
resulting from these processes. It provides a reference for best practices in soft-
ware development.
The CMMI is an extension of the CMM (Capability Maturity Model), pre-
sented by the SEI (Software Engineering Institute) in the 1980s.
At the US Department of Defense (DoD) request, the SEI developed a set of
criteria to determine whether a project would be completed on time, on budget,
and to specifications.
In 2001, the SEI created a new version of the CMM, incorporating all the
advances of other models that had emerged to fill specific gaps in the CMM.
The latest version of the CMMI (version 2.0) was released in 2018. It allows the
model to be applied to the development of hardware, software, and services in all
industries.
CMMI proposes a set of objectives aimed at guaranteeing the quality of
projects (Ramírez-Mora, Oktaba, & Patlán Pérez, 2020). It is accompanied by
a repository of good practices expected to achieve these objectives. CMMI pro-
vides a framework for the definition of the organization’s key processes, including
project management (planning, resource management, risk management, etc.),
engineering (requirements management, technical solutions, product integration,
etc.), and support (configuration management, quality assurance, measurement,
analysis, etc.). It is a tool to help define and improve processes.
The need to implement a CMMI model in an organization arises when the
company detects recurring problems such as late deliveries, budget overruns, cus-
tomer dissatisfaction, and lack of management visibility.
CMMI, therefore, aims to:
⦁⦁ improve the quality of the delivered product and the productivity of the project;
⦁⦁ increase customer satisfaction by better meeting their requirements;
⦁⦁ reduce costs and meet deadlines; and
⦁⦁ give better visibility to management and allow better risk management.
The good practices recommended by the model are grouped into 25 key pro-
cesses (Process Area), themselves grouped into five levels of maturity/capacity:
Level 1: Initial. Every organization defaults to level 1. Project management is
not defined within the organization. Effectiveness relies on the skills and motiva-
tion of individuals. No control is carried out.
The project can succeed but with cost and time overruns. Success factors are
not identified, and the project does not build on experience.
Level 2: Managed. Project management is defined at the organization level
and is applied by default to all projects. All projects meet the CMMI level 2 mod-
el’s objectives with the processes proposed by the organization, or by default with
processes defined at the project level. The project builds on what has been done
previously, thanks to better discipline. Successes are repeatable.
Level 3: Defined. Project management processes are extended to the entire

organization through standards, procedures, tools, and methods also defined at
the organizational level. The entire organization has a discipline that is applied
consistently. The organization monitors and manages the improvement of these
processes.
Level 4: Quantitatively Managed. The success of projects is quantified. The
causes of deviations can be analyzed. Process performance is predictable in terms
of quantity and quality.
Level 5: Optimizing. It is referred to as the stage of continuous process
improvement incrementally and innovatively. Developments are anticipated. Pro-
cesses are constantly challenged in order to stay in line with the objectives.
The latest version of CMMI is written in non-technical language, making it
more user-friendly and comfortable to implement. Organizations can explore
CMMI online and configure it according to their specific goals for performance
improvement and organizational success. Tools such as Visure Requirements
improve maturity by monitoring and tracking requirements and helping to stand-
ardize and harmonize the application of business processes.
3.14.5 Committee of Sponsoring Organizations of the Treadway

Commission (COSO)
The US Congress convened the COSO in response to well-publicized financial
irregularities that occurred in the late 1980s. COSO formulated an internal control
framework designed to help organizations reduce the risk of asset loss, ensure the
reliability of financial statements and compliance with laws and regulations, and
promote efficiency. COSO is recognized by many public sectors and professional
bodies as a standard for the evaluation of internal control and the risk environ-
ment (Chiu & Wang, 2019). Under the COSO framework, the effectiveness of an
internal control system is measured by its capacity to provide reasonable assur-
ance to management and the board of directors of their bank’s achievement of
its objectives in three categories:
⦁⦁ effectiveness and efficiency of operations;

⦁⦁ reliability of financial reporting; and
⦁⦁ compliance with applicable laws and regulations.
The emphasis on behavior in the COSO model is a recognition of reality,

namely that policies specify what management wants to happen, what happens,
and which rules are obeyed, bent, or ignored, is determined by corporate culture.
The COSO “internal control model” consists of five interrelated components that
are inherent in the way management runs the organization. The components are
linked and serve as criteria for determining whether or not the system is active.
The COSO components include control environment, risk assessment, control
activities, monitoring and learning, and information and communication. The
COSO enterprise risk management framework and critical components of the
operational risk approach.
Fig. 21. The ERM Model Proposed by COSO.
Another critical theme addressed by COSO is enterprise risk management.

COSO divides the enterprise risk management (ERM) framework into eight
interrelated components, as shown in Fig. 21, including the following:
⦁⦁ Internal environment – Internal environment describes the work environment

and risk preferences of an organization and sets the framework for how risk is
viewed and addressed by its management and employees. The internal environ-
ment includes risk management philosophy, risk appetite, integrity, and ethical
values, and the environment in which they operate.
⦁⦁ Objective setting – Objectives must be set up-front. Risk management function
should ensure that corporate management has a process to set the objectives,
that the chosen objectives support and align with the entity’s mission, and that
they are consistent with its risk appetite.
⦁⦁ Event identification – Internal and external events affecting the achievement
of an entity’s objectives must be identified, distinguishing between risks and
opportunities. Opportunities are channeled back to management’s strategy or
objective-setting processes.
⦁⦁ Risk assessment – Risks are analyzed, considering the likelihood of occurrence
and impact, as a basis for determining how they should be managed. Risks are
assessed on an inherent and continuing basis.
⦁⦁ Risk response – Management selects risk responses – avoiding, accepting,
reducing, or sharing risk – developing a set of actions to align risks with the
entity’s risk tolerances and risk appetite.
⦁⦁ Control activities – Policies and procedures should be established and

implemented to help ensure the risk responses are effectively carried out.
⦁⦁ Information and communication – Relevant information is identified, captured,
and communicated in a form and timeframe that enable people to carry out
their responsibilities. Effective communication also occurs in a broader sense –
flowing down, across, and up the entity.
⦁⦁ Monitoring – The entirety of enterprise risk management must be monitored,
and modifications made as necessary.
3.15 Urbanization
The dynamism of enterprise applications is another feature introduced by Singh
et al. (2005). Indeed, since current information systems are open and subject
to frequent changes in response to strategic, business, or technological changes
affecting the company, the applications of these systems must then be able to
evolve dynamically to cope with these changes.
3.15.1 The Metaphor of the City

Indeed, urban planning is generally based on geographical invariants. A city is
structured into zones, districts, and blocks. Planning rules are then established
and applied for each area. These divisions must be stable over time, and the city
actor will, therefore, consider them as invariant. Similarly, IS urbanization is
based on the assumption that stable, functional blocks can be determined, at least
for a long time, if not forever (Imache et al., 2012).
Urbanization challenges are:
⦁⦁ cost-saving: ways to eliminate redundancies, reduce costs without disrupting

critical business processes;
⦁⦁ providing more value: how to introduce new technology to bring more value
to the business;
⦁⦁ flexibility: ability to design an architecture that facilitates the evolution of busi-
ness processes;
⦁⦁ cost-effective and efficient production: the question is whether new technol-
ogy can be implemented at a lower cost without having to rebuild the existing
information system?
⦁⦁ interoperability: how to integrate existing applications and data blocks and
make them interoperable?
⦁⦁ opening: how to build the foundations for applications that interact with the
ecosystem (Internet, WEB, etc.); and
⦁⦁ ensure quality of service: the ways to manage and control the quality of the
service offered.
Accordingly, urbanization provides an information system that is better

adapted to serve the company’s strategy and anticipate changes in the environ-
ment. Corporate information system managers want to satisfy the demands of
technological solutions; however, they face several challenges: costs, budgets,

applications that are often not well known, resulting in difficulties in inte-
grating new projects and evolving the information system. Management of
these problems leads to dramatic failures. Organizations first wanted reliable
and open information systems while maintaining a high level of security. The
company’s master plan, which is a strategic plan designed to steer the develop-
ment of IT in the company, by translating its strategy into IS-related actions
(Byrd & Turner, 2000; Knapp, Morris, Marshall, & Byrd, 2009), has mostly
met these expectations.
In addition to these two required qualities, agility is nowadays defined as a nec-
essary and indispensable tool to face economic instability (Conboy, 2009; Dove,
1995; Knapp et al., 2009; Sharifi & Zhang, 1999).
Thus, IT agility becomes the primary objective of any IT department and must
be a quality that any company must have within its reach to satisfy customer
needs, competition and rapid technological change (H. T. Goranson & Goranson,
1999). Currently, the company’s roadmap does not address this issue; it replaces it
with the concept of urbanization of the enterprise’s information system.
In order to align the IS with the company’s strategy, there needs to be sufficient
flexibility. Nevertheless, it is difficult for the company to cope with increasing and
random changes in the environment. In this way, when it comes to finding a new
course for the company to face random and unexpected changes, the urbaniza-
tion project of its information system becomes an adapted and essential compass.
The aim of the urbanization process consists in simplifying the vision of the EIS
and promoting its use as a factor of value creation and a source of innovation for
the company in order to ensure its evolution and competitiveness.
The urbanization of the company will enable it to become a high-
performance, efficient and fulfilling environment. The organization will then
become agile; in other words, able to react to external and internal constraints.
According to Cumps, Viaene, Dedene, and Vandenbulcke (2006), an urban-
ized company has an exceptional response capacity and structures that can be
quickly mobilized.
Within the framework of the POIRE approach, the purpose of this phase is
to improve the agility and characteristics of the EIS: coherence, flexibility, agility,
proactivity, interoperability, adaptability, scalability, stability, and efficiency.
This will facilitate management of unpredictable changes; while maintaining
the coherence of the EIS basis of good practices set that allow corporate govern-
ance alignment with new financial requirements and globalization legislation.
The information systems have several dimensions that can be analyzed with
the typologies of the company (Izza & Imache, 2010), and a complexity that
reflects the human organization they must serve.
Urbanization is necessary for two reasons: to manage and maintain an asset
until it is effectively obsolete, and to have an agile information system that can
evolve quickly and effectively to meet changing needs (Sassone, 1988; Willcocks,
2013).
In this aim, we first define what the target information system should be, the
one that will best serve the company’s strategy and satisfy business processes, that
is, an aligned information system (Sassone, 1988). Then, establish construction

rules to avoid inheriting old information system failures and anticipate changes,
in other word, an agile information system (Stein, Galliers, & Whitley, 2016); and
finally, determine the path of the current IS to obtain the target, which requires
a knowledge of the old IS, to define criteria in order to know when to start and
when to finish.
Flexibility is essential to align EIS with the company’s strategy. Nevertheless,
there are difficulties for companies coping easily with increasing and random
changes in their environment. Thus, urbanization has emerged as an essential and
appropriate way to deal with random and unexpected changes.
The urbanization approach consists in simplifying the vision of the EIS
and promoting its use as a factor of value creation and source of innovation
for a company in order to ensure its evolution and competitiveness (Sassone,
1988).
Urbanization will enable the company to become more efficient, more effec-
tive, and more rewarding. It makes it agile, which means it can react adequately to
external and internal constraints.
3.15.2 The Urbanization of Information System

The complexity of information systems complicates company integration and can
be compared to that of human cities or urban systems that are urbanized. As a
result, the urbanization of information systems contributes to improving agility.
Urbanization is the driving force behind a company’s evolution, whose key to suc-
cess is the effective use of information. It addresses the evolution of information
systems by providing a framework for the system evolving in response to changes
in the business environment (Trabelsi & Abid, 2013).
The urbanization process has three main phases:
(1) – determine the business strategy required to satisfy the need;

(2) – definition of functional requirements and specific mapping; and
(3) – identification of technological orientations.
As illustrated in Fig. 22, based on Izza and Imache (2010) proposes an urbani-
zation approach, in which Urbanization contributes to the various dimensions of
the EIS.
The design of the EIS, considering their interactions, and the alignment pro-
cess will be implemented according to the governance guidelines defined by the
company’s strategy. Thus, the approach to urbanization and alignment is first
from top to bottom (analysis and strategic design), and then from bottom to
top (execution and validation), which will increase EIS flexibility and alignment,
enhancing its agility.
Through the urbanization process, the architecture of the EIS can be struc-
tured more efficiently. In this regard, the rules of urbanization and rules of good
practice are used, which lead to a digressive decomposition of the overall EIS
dimensions: Zone, Neighborhood, and Block.
IS Strategy
EIS Governance
Organizati Informatio Environme

Process onal n Resource ntal
dimension dimension dimension dimension dimension
alignment alignment alignment alignment alignment
Urbanization
Fig. 22. EIS Urbanization and Alignment.
⦁⦁ Zone: An area forms a homogeneous family of neighborhoods with the same

construction rules and linkage.
⦁⦁ Neighborhood: An information system neighborhood is a fraction of an area
that is itself a fraction of a processed information system. A neighborhood
corresponds to what is called a subsystem. A neighborhood forms a homoge-
neous family of blocks that obey the same rules of construction and coupling.
⦁⦁ Block: A block is a set of homogeneous data and processing. The block is the
basic unit of urban planning. A block forms a similar data and processing
family, which follows the same construction, and coupling rules.
3.16 Flexibility
The significant of IT organizational infrastructure capacity as a critical compo-
nent of the organization’s survival and competitiveness continues to grow. Shar-
ing IT infrastructure considered widely as the basis for shared IT capabilities used
to develop IT applications and support business processes (Chung, Rainer Jr, &
Lewis, 2003; Darke, Shanks, & Broadbent, 1998). IT infrastructures are generally
the foundation of shared IT capabilities that enable the development of IT appli-
cations and support business processes (Lim, 2014). According to Zhu (2004),
IT infrastructure as a set of IT organizational resources and capabilities that are
shared across the organization and form the foundation on which IT applications
are developed and business processes are supported. IT infrastructure capabilities
are usually provided by IT/IS (service) organizational functions, but may also
include public or outsourced facilities used by organizations (Chin, Marcolin, &

Newsted, 2003). The main reason for developing IT infrastructure capabilities is
to support similarities among different applications or uses, through facilitating
information sharing across organizations for cross-functional integration (Broad-
bent & Weill, 1997).
Literature defines flexibility as the react ability to the environmental change,
in the areas of information systems, organizational theory, and strategic manage-
ment or operational management (Lee & Xia, 2005). However, many researchers
have characterized IT flexibility as the organizational capacity to support a vari-
ety of information technologies and services based on four dimensions: compat-
ibility, connectivity, modularity, and IT staff flexibility.
Compatibility is the ability for sharing any information between any techno-
logical components. The connectivity is the ability of technology to interact with
other technological components. In other words, connect each person, functional
area, and application in organizations. Modularity means that software applica-
tions facilitate management by a processed routine in separate modules. It also
allows the company to quickly create or modify software applications to support
product development changes. IT staff flexibility refers to the capability to work
collaboratively in cross-functional teams embracing various technologies types
(Byrd & Turner, 2000).
Weill (1994) found that the IT flexibility is linked to the efficiency and imple-
mentation of IT/IS (i.e., business transaction processing systems, information
management systems, decision support systems, network management, etc.).
Other research indicates that IT flexibility is essential in determining IS/IT effec-
tiveness or operational performance. IT capabilities are usually provided by IT/IS
organizational functions (department); they may also include public or external
used by organizations. One of the main reasons for developing IT infrastructure
capabilities is to support commonalities between different applications or uses,
by facilitating information sharing between organizations and cross-functional
integration (Izza & Imache, 2010; Maas, 1998; Weill & Ross, 2004).
Generally, literature confuses agility with flexibility. However, agility is a
combination of speed and flexibility. Agility means the ability to respond to
unexpected environmental changes, while flexibility refers to responses to risk
situations or anticipated unforeseen events (e.g., scenario planning) (Adams
et al., 2009; Izza & Imache, 2010).
Mårtensson notes that It is important to not confuse agility, or agile informa-
tion system, with flexibility or flexible IT Systems. Apparently, the two concepts
are related but different. Indeed, the researcher also considers that agility involves
using flexibility and proposes a curve that illustrates, at the conceptual level, the
relationship between agility and flexibility/complex.
3.17 Agility
In the field of IS research, the concept of agility is often associated with terms
such as flexibility, dynamic and organic. As previously mentioned, the concepts
of flexibility and agility have been linked to the broader challenge of combining
complex IT systems with unexpected, and sometimes surprising, changes in user

needs, business processes, corporate structure, strategy, and markets.
Early in the 1990s, the concept of agility was introduced into IS research
(Bamber, Sharp, & Hides, 2000; Ciborra, 2009; Markus & Benjamin, 1996;
Sharifi & Zhang, 1999; Sharp et al., 1999; Zhang & Sharifi, 2000) after agile
methods success in computer development. In 2000, the IS search focused on
other attributes of explanatory agility (IS) through IT, development methods
(IS), and (IS) outsourcing practices. Also in the literature, we deduced that is a
lack of a unique definition of the agility concept; The Agility Research in (IS)
Agility was devised on several streams. Table 3 highlights the main IS agility
research streams.
Table 3. IS Agility Research Streams.
IS Agility Research Streams Authors

IS design and Rockart, Earl, and Ross (1996)
governance Parger (1996)
Clark et al. (1997)
Boar (1998)
Truex, Baskerville, and Klein (1999)
Tan and Sia (2006)
Gerth and Rothman (2007)
Sia, Koh, and Tan (2008)
Stettina and Kroon (2013)
Strategic IS Lacity, Willcocks, and Feeny (1996)
management Sia et al. (2008)
Schmidt and Buxmann (2011)
Tiwana, Konsynski, and Bush (2010)
Joachim, Beimborn, and Weitzel (2013)
Alaceva and Rusu (2015)
Kale, Aknar, and Başar (2018)
Kaur, Kumar, and Kumar (2017)
Competencies Markus and Benjamin (1996)
and skills of IS Butler and Gray (2006)
professionals
McCann, Selsky, and Lee (2009)
Chamanifard, Nikpour, Chamanifard, and
Nobarieidishe (2015)
Lengnick-Hall, Beck, and Lengnick-Hall (2011)
Saha, Gregar, Van der Heijden, and Sáha (2019)
Table 3. (Continued)

IS development Baskerville and Pries-Heje (2004)
Lee and Xia (2005)
Holmqvist and Pessi (2006)
Lyytinen and Rose, 2003
Conboy (2009)
Saonee Sarker and Suprateek Sarker (2009)
Zheng, Venters, and Cornford (2011)
Hong, Thong, Chasalow, and Dhillon (2011)
Ramesh, Mohan, and Cao (2012)
Wang, Conboy, and Pikkarainen (2012)
McAvoy, Nagle, and Sammon (2013)
Moy (2018)
Shein, Robinson, and Gutierrez (2018)
Methods of software Overby, Bharadwaj, and Sambaurthy (2006)
development Börjesson, Martinsson, and Timmerås (2006)
Dybå and Dingsøyr (2008)
Tanriverdi, Rai, and Venkatraman (2010)
Stettina and Kroon (2013)
Hobbs and Petit (2017)
Saha et al. (2019)
Design of IT Allen and Boynton (1991)
vinfrastructure
Duncan (1995)
Byrd and Turner (2000)
Benamati and Lederer (2001)
Wenzler (2005)
Overby, Bharadwaj, and Sambamurthy (2006)
Dybå and Dingsøyr (2008)
Kim, Park, Kang, and Seo (2008)
Fink and Neuman (2009)
Tan, Pan, Lu, and Huang (2009)
Tanriverdi et al. (2010)

Schapiro and Henry (2012)
Celen and Djurdjanovic (2012)
Joachim et al. (2013)
Li, Jia, Chen, and Yin (2014)
Murphy et al. (2018)
Morton et al. (2018)
Business agility and the Broadbent, Weill, and St.Clair (1999)
value of IS applications Rockart et al. (1996)
Lee and Xia (2005)
Gerth and Rothman (2007)
Gebauer and Lee (2008)
Fink and Neuman (2009)
Tanriverdi et al. (2010)
Bhatt, Emdad, Roberts, and Grover (2010)
Chiang, Grover, Liang, and Zhang (2018)
Queiroz, Tallon, Sharma, and Coltman (2018)
Benlian, Kettingaer, Sunyaev, Winkler, and
Editors (2018)
Ashrafi, Ravasan, Trkman, and Afshari (2019)
In this section, we briefly describe research related to the agility of the IS in

four well-established research areas: IT infrastructure, IS development, IS organi-
zation, and IS personnel.
3.17.1 IS Organizational Design

Various researchers have also recognized the role of IS organizational structures
and governance mechanisms for internal functions and IS outsourcing relation-
ships (Clark, Cavanaugh, Brown, & Sambamurthy, 1997). Define change readi-
ness as the ability of information systems’ (IS) organization to provide strategic
IT applications in short development cycles using a highly skilled internal IT
workforce.
IS organization requirements have been addressed in several conceptual docu-
ments. One of the primary antecedents of a flexible IS organization is a partner-
ship relationship between the IS organization and the company. IT departments
are advised to adopt a matrix organizational structure – a structure that manages
technical knowledge as a competence center while simultaneously supporting

customer-focused development and service processes. Often referred to as a center
of excellence structure (Clark et al., 1997; Gerth & Rothman, 2007), it distin-
guishes technical and control tasks from business development tasks. Generally,
an IT organization should aim to become an emerging organization and create
virtual teams to promote close collaboration with business units (Prager, 1996).
3.17.2 Competencies and Skills of IS Professionals

IT staff skills and abilities were recognized as essential elements of information
system flexibility and adaptability. IT infrastructures and agile IT development.
However, two studies in our sample reveal that to approach the capabilities of IS
professionals more broadly than in the field of IT infrastructure alone, or infor-
mation systems development ISD. The starting point for these documents is that
IS professionals will need change agent capabilities (Markus & Benjamin, 1996).
Also, the consideration of surprising events (Butler & Gray, 2006). In their docu-
ments, researchers argue (Butler & Gray, 2006) that organizational structures and
the standardization of work roles and practices can prevent IS professionals to
taking on a more effective change agent role or acting cautiously in the following
areas unexpected situations.
3.17.3 IS Development
In information systems development (ISD), research related to agility has focused
on the use of agile methods. Conceptual research helped to define the key varia-
bles of the research (Lee & Xia, 2005). Developed measurement scales for the two
central components of ISD flexibility: response effectiveness and the effectiveness
of the response. Later, based on an exhaustive review of the use of the concepts
of flexibility, agility, and leanness in business studies, Conboy (2009) defines the
agility of an ISD method as follows:
The continuous readiness of an ISD method to create change quickly or inher-
ently, to adopt it proactively or reactively, and to learn from the change while con-
tributing to the perceived value of the client (economy, quality, and simplicity),
through its common components and its relationship to its environment (Conboy,
2009).
Several case studies then attempted to identify a history of flexibility or agil-
ity in IST. A central book is that companies should follow the principles of the
so-called agile ISD methods (Baskerville & Pries-Heje, 2004; Saonee Sarker &
Suprateek Sarker, 2009)).
However, it was acknowledged that adoption of such methods is a slow learn-
ing process (Berger & Beynon-Davies, 2009; Cao, Mohan, Xu, & Ramesh, 2009;
Wang, Li, Sun, & Yang, 2012). Many other variables, such as the organizational
context, the various attributes of the project, and collective and individual con-
sciousness, define the ability of project teams to effectively deploy agile principles
(Cao et al., 2009; Kalle & Rose, 2003; Ramesh, Singh, & Sharma, 2011; Zheng,
Ng, & Sripanidkulchai, 2011).
3.17.4 Design of IT Infrastructure

Research on IT infrastructure flexibility has benefited from early conceptual
work, first by Duncan (1995) and then by Byrd and Turner (2000). Although
Duncan does not provide a precise definition, the following description provides
a starting point for understanding the flexibility of the IT infrastructure:
Infrastructure flexibility determines ISD’s ability to respond quickly and cost-
effectively to system demands, which evolve as business practices or strategies
change. Ideally, flexible infrastructure would be an infrastructure designed to
evolve itself with emerging technologies and would support the ongoing restruc-
turing of related activities and processes (Duncan, 1995).
Subsequently, Byrd and Turner (2000) developed an instrument to measure
computer flexibility. The instrument was based on the assumption that the flex-
ibility of the IT infrastructure has eight dimensions: four in the technical base (IT
connectivity, application functionality, IT compatibility, and data transparency),
and four in the human component (technology management, business knowl-
edge, management knowledge, and technical knowledge).
New technological trends can be both a means (Fink & Neumann, 2009) and
a challenge (Benamati & Lederer, 2001) for the flexibility of IT infrastructures.
Summary
The company’s master plan, which is a strategic plan designed to pilot IT devel-
opment in the company, by translating its strategy into actions relating to the
information system, has mostly satisfied these needs. However, today, agility has
become a necessary quality, especially in a constantly unstable economic environ-
ment, making it necessary, even indispensable (Conboy, 2009; Imache et al., 2012;
Sharifi & Zhang, 1999; Zhang & Sharifi, 2000).
IT agility has become the primary purpose of any information systems depart-
ment, more than that; it is a quality that any company must have, to meet the cus-
tomers’ needs, face competitiveness challenges, and rapid technological evolution.
Faced with the various transformations and needs of the internal and/or exter-
nal environment, it is essential to structure the EIS to facilitate its evolution and
modify its positioning, structure, and skills, all in harmony with the strategic evo-
lution of its company, while ensuring overall consistency in terms of permanent
IT governance with the global strategy, interoperability, integration, autonomy,
and flexibility. In other words, the EIS must be agile.
Chapter 4
The Conceptual Model for IS Agility
Abstract
In the current era, multiple factors have driven the IS information system
to be able to cope with changes caused by internal and external factors
that affect the organization’s strategy. A variety of environmental factors
can influence organizational capacity and performance and tend to change
organizational strategy, including political, socio-economic, financial, and
technological changes. At the beginning of the twenty-first century, other
changes are expected, such as those associated with cybercrime and artificial
intelligence. In this chapter, the authors discuss the concept of agility, the
dimension of agility, relevant literature studies, proposed agility models, and
the authors propose their conceptual model of strategic agility for IS.
4.1 Introduction
Today, the Department of Information Systems has more than ever the need to
manage better their company’s IT policy, which must not only make it possible to
offer service availability or continuous business improvement but above all offer
competitive advantages linked to the use of information technology. In such a
context, IT Departments must be based on the best approaches and practices
to offer maximum agility to adapt to functional and technical evolutions and to
open up in order to better connect to partners’ processes, while safeguarding and
reusing existing IT assets without calling into question the technologies used for
several years. Within this framework, a new type of information system, a natural
evolution of current systems, will have to be defined and developed and which
must be capable of being recycled over time, of being reconfigured effectively
without generating new difficulties. In our opinion, this is a significant opportu-
nity to define and use a tool-based approach based on a rigorous methodological
approach to guide architects and decision-makers in their process of develop-
ment, redesign, and modernization of corporate information systems.
To cope with the internal and external pressures that the company is under-
going, to control changes with the necessary reactivity, and to reduce costs, it is

doi:10.1108/978-1-80043-810-120211005
essential to manage its information system rigorously and coherently, bringing

about essential and rapid changes at all levels and in all dimensions of its informa-
tion system. The changes concern technologies, applications, processes, organiza-
tion, and human resources. All these elements influence the company’s strategy
and vice versa. Thus, there must be sufficient agility in an information system so
that it is aligned with the company’s strategy.
However, the information systems deployed within companies are not always
profitable and efficient, which can be explained by their lack of agility in an evolv-
ing environment, as well as by unexpected changes, a situation in which their
development is often forced, more than expected.
Today, the concept of agility is recognized as a means of maintaining consist-
ency and improving the efficiency of IS. Therefore, the challenge is to keep informa-
tion systems as open as possible while preserving the company’s information assets;
information systems must be able to respond quickly and effectively to changes.
Recently, the subject of IS agility has increasingly attracted the interest of IT
researchers and practitioners. According to Lee, Sambamurthy, Lim, and Wei
(2007) and Sharifi and Zhang (1999), the transformation of uncertainty in the
business environment is a significant topic of management research. The trans-
formation of uncertainty requires that the essential functions of any IS can cope
with uncertainties.
In the current era, multiple factors have driven IS to be able to cope with
changes caused by internal and external factors that affect the organization’s
strategy. Various environmental factors can influence organizational and perfor-
mance capacity and tend to modify organizational strategy, including political,
socio-economic, financial, and technological changes. At the beginning of the
twenty-first century, other changes are expected, such as those associated with
cybercrime and artificial intelligence. In this chapter, we discuss the concept of
agility, the dimension of agility, relevant literature reviews, and have proposed a
conceptual model and conclusions.
4.2 Literature Review

Several authors in the past and more recently have given an immense interest on
the agility concept (Cai et al. 2013; Chen et al. 2014, 2015; Lu & Ramamurthy,
2011; Mao et al. 2014, 2015; Nazir & Pinsonneault, 2012; Overby et al. 2006;
Ragin-Skorecka, 2016; Rai et al. 2006; Sambamurthy et al. 2003; Tallon, 2008;
Tallon & Pinsonneault, 2011).
At its central, agility entails the ability to react rapidly and flexibly to face
change emerged by the technical domains and environment business. Also, agil-
ity is defined as “the capacity of an interoperable system to detect its potential
unsuitability versus environmental changes and to perform an appropriate adap-
tation according to its component systems, reactively and effectively” (Zhang &
Sharifi, 2000). In other words, we define agility as the ability to perceive, analyze,
and respond to changes in a turbulent environment based on competence, knowl-
edge, and learning, to take advantage of opportunities created by environmental
change (driver) through technical and organizational infrastructure. In Table 4,
some popular definitions of organizational and IS agility are briefly presented.
The Conceptual Model for IS Agility 69
Table 4. Agility Definitions.
Authors Definitions
Goldman, 1995 For the company, agility means being capable of having
a competitive advantage and continually predict the
unpredictable requirements of customers
Zhang and Agility means the capacity of an organization to detect,
Sharifi, 2000 analyze, and understand changes emerged by business
environment, in the aim to face these changes (by changing
its internal and external activities) and to perform
appropriate solutions in fastest time
Helo, 2004 Agility means the capacity of the organization to respond
to a change in a flexible way
Power, 2005 Agility means a combination of market knowledge and
virtual corporation to take advantage of opportunities in a
volatile marketplace
White, Daniel, and Supply chain managers must admit change but still need to
Mohdzain, 2005 improve a strategy that allows them to match supply and
demand at an adequate cost. The capacity to accomplish
this has been named supply chain agility. Information
and more precisely an agile information systems were
recognized as being a critical factor in achieving agility in
the supply chain
Swafford, Ghosh, An organization supply chain agility directly influences its
and Murthy, 2008 capacity to create and deliver innovative products to its
consumers in a brief time and cost with effective manner
Holmqvist and Agility permits organizations to be able to sense and
Pessi, 2006 respond rapidly to unpredictable events and thus satisfy
customer requirement changes. This capability is critical
in today’s business world. New technologies and the new
manners of management of the business are presented
continuously to create or change the global requests
of the market
Lee et al., 2006 The company needs to address the specificities of the sites
covering the activities of the global business. Companies
must have the capacity (that is agility) to develop and
deploy systems quickly to answer to the new business needs
Desouza, 2007 Agility as a result of routines and quotidian practices that
support strategizing between owners, senior management,
and other essential strategy processes participants, such as
managers, consultants, and staff
Braunscheidel and Agility for supply chain is set as the company capability to
Suresh, 2009 more effectively collaborating with distribution partners to
face market changes rapidly
Authors Definitions
Mithas et al., 2011 Postulate that knowledge management and agility are two
important intermediaries that help implemented
Yi, Ngai, and Agility for the supply chain is considered as a basic type of
Moon, 2011 operational capability required for the high performance of
the company
Kryvinska, 2012 The agility supply chain is regarded as a crucial type
of operational ability required for highly company
performance
Sørensen and Defining academic agility as the ability of an academic
Landau, 2015 field to examine quickly and ingeniously environmental
changes in its central academic debate
Liu, Yang, Qu, Nowadays nearly all organizations count on information
and Liu, 2016 systems to operate. Agility in Information systems can be
considered as critical to achieving overall agility in business
Park, El Sawy, A combination of sensing agility, decision-making agility,
and Fiss, 2017 and acting agility
Ravichandran, Agility is a competence that allows firms to adapt to
2018 contingencies posed by the environment
Zhou et al., 2018 The capability to detect and respond to demands
embedded in online customer reviews
Dave and Arthur, Agility can be defined across four dimensions (creating the
2019 future, anticipating opportunities, adapting quickly, and
learning continuously); agility occurs with four stakeholders
(strategy, organization, leader, and individual); and agility
is supported by four human resources (HR) tools (people,
performance, information, and work)
The agility notion was introduced in the literature of organizational man-

ufacturing strategic management at the beginning of the 1990s, as a method-
ology to deal with the instability of the industrial environment and benefit
from new opportunities produced through the environment changes to own
competitiveness.
How can firms become agile? How can they acquire the needed capacities?
What exactly are these capacities?
Many researchers in the strategic and organizational management fields

approached these questions, by referring to the theoretical works and theories
preceding the initiation of agility concept. These theories and methods were
adopted as a reference to Information Systems agility research.
As concerns, the agility concept was increasingly used in union with other
terms such as the flexibility, the adaptability, and the reactivity. Inspired by the
success of the agile methods in the field of the IT programming at the beginning
of the 1990s, the practitioners interpreted the idea of the agile methods used in
programming, an interpretation that still influences the adoption of the agility
concept of many IS professionals.
In the research literature, the concept of agility was attached to the way, which
the system information reacted to face unpredictable changes such as the increase
user’s requirements, the process business changes, the strategic changes, the com-
petitiveness, the organizational structure, the market changes, and the future
changes.
In summary, various facets of agility were underlined by diverse authors who
led to varied points of view. Therefore, the IS agility research was divided into
several sub-domains such as (infrastructure, strategic IS, IT skills of IS profes-
sionals, governance of the IS, IS development methods, and software develop-
ment). Though there is a difference in agility definition in the literature, these
definitions are not opposite. However, the disadvantage is related to the lack of
the global view of IS agility, lack of theoretical clarity, and conceptual parsimony
in a different IS agile research areas, as shown in Fig. 23.
4.3 Literature Methodology

In our literature review, we adopted an exhaustive approach relative to the research
objective. To achieve that, all appropriate and highly cited academic publications
are included in the examination process of our literature review based on several
databases and research engines, such as (ProQuest, (Abi/inform), Elsevier, Emer-
ald, Atypon, ACM digital library, ScienceDirect, IEEE Xplore, and Gale Cen-
gage computer), by using keywords as: “IS agility model,” “agile IS,” “achieving
Strategy
Changes
Technology
& People
Innovation
IS
R&D Legal
Changes
Future
Fig. 23. Factors Influencing Information Systems.

agility in information systems.” The combination of used keywords depends on

the review or the database. We viewed and treated identified articles; also, exam-
ined articles were identified through news citations and bibliographic references.
4.4 IS Agility Frameworks

4.4.1 Zhang and Sharifi (2000)
Because changes and the pressures on firms can be different, the agility level
need by the manufacturing organizations will also be different. This level is cited
with the term “the level of agility needed,” depending on various drivers such as
the turbulence of the business environment, the company context, and the char-
acteristics of the company, once “the necessary level of agility” is determined
for the company, and the following step is to evaluate the agility level acquired
by the organization. The difference between “the agility required level” and the
level of agility that the company has already, is the level that the organization
must meet in order to be agile. The detection, recognition, and classification
are the actions needed to identify different changes faced by the company, in
order to reduce the level of impact of each agility trigger individually. The level
of agility capabilities required can be determined from the trigger of changes.
In the final stage, a conceptual model comprises three steps: The first identifies
agility providers that could bring about the required capabilities. The implemen-
tation of the identified providers is determined by the second step level of agility
achieved. As a measure of performance, and in the third step, the formulation
of corrective actions to further enhance performance is performed. Different
tools must be developed to support firms in the aim to achieve an above process
that has already cited.
In summarizing, the researchers (Zhang & Sharifi, 2000) have proposed a
methodology to detect a different change in the business environment, in which
the company must have the ability to determine the desired agility level. The strat-
egies are available to the company in the aim to determining the unpredictable
changes, which influences its strategy and sometimes even threaten its existence
and define the capabilities and priorities in order to implement the capabilities
needed by the firm to face changes and identify the ways that could support the
company to intercept change. The model proposed by Zhang and Sharifi (2000)
is presented in Fig. 24.
4.4.2 Gunasekaran and Yusuf (2002)

The researchers (Gunasekaran & Yusuf, 2002) have developed their agility man-
agement (AM) adequate to firms that work in an aerospace, industrial firm con-
text. This survey evaluated the company’s agility by taking a technical study with
the assistance of a suitable questionnaire. The objective is to revise agility pros-
pects in the manufacturing sector to identify key AM strategies and technolo-
gies. Also, the authors have proposed a framework to become agile for Industrial
Systems based on four keys: strategy, people, technology, and systems, as shown
in Fig. 25.
Strategy Formulation
Identification of
Agility Drivers Missing Capabilities
Assessment Identification of
Changes/Pressures of
Agility Providers
Agility Needs
Marketplace
Technology Analysis
Customer Req Implementation
Assessment
Competition Basis of
Agility level
Social Factors
Performance
Measurement
Fig. 24. The Proposed Model to Achieve Agility in Manufacturing.
STRATEGIES
Reconfigurability, Flexible People, Virtual
Enterprise, Strategic Alliances, Core
Competencies, Reengineering, Supply
Chain Integration, Responsive Logistic,
STEP, Heterogeneous, Computer
Systems, Concurrent Engineering.
RAPID VIRTUAL
PERTNERSHIP ENTREPRISE
SYSTEMS TECHNOLOGIES
MRPII, Internet, WWW,
Rapid hardware, Flexible Part
Electronic Commerce, CAD, Agile
Feeders, Modular Grippers,
CAE, ERP, TOC System,
Manufacturing Real time control Information,
Kanban, (CIM, ABC/ABM,
Technology (CAD/CAE, CAPP,
JIT). Systems CAM), Multimedia, Graphical
Simulator.
RECONFIGURABILITY MASS CUSTOMIZATION
Flexible Work force,

Knowldge Workers,
Skills in IT, Multi-lingual,
Empowered Workers,
Top Management Support
PEOPLE
Fig. 25. Agile Manufacturing Paradigm.
4.4.3 Crocitto and Youssef (2003)

The authors (Crocitto & Youssef, 2003) consider organizational agility (OA) as the
combination of organizational processes, characteristics, and people with advanced
technology. Agility improves the Capability of the organization to provide prod-

ucts and services with high quality to increase organizational competitiveness.
They propose an integrated production/operations, general management, and
socio-technical opinions in order to develop a model of OA.
The proposed model is based on agile suppliers, members of the organiza-
tion, and united customers through information technology. It is suggested that
these connections are based on essential leadership, a culture of the organization,
and employee reward systems that create a relationship between technology and
people.
These relationships include the involvement of people in the process of decision-
making, the creative process, and product with high quality, by proposing enhanced
jobs, technological training, and reward system that increases the OA level.
In summary, the authors propose a model based on the integration of the
human element to achieve OA and get a competitive advantage as shown in Fig. 26.
4.4.4 Lin, Chiu, and Tseng (2006)

The agile organization aims to enhance/satisfy employees and clients. Change is
the principal cause behind agility. Even though change is nothing new, today’s
change is taking place at a much quicker speed than ever earlier. Turbulence and
unpredictability in the market environment have become the principal reasons for
failure in the manufacturing industry.
ORGANIZATIONAL AGILITY
SPEED COST QUALITY
MANUFACTURING
RESPONSIVENESS FLEXIBILITY
AGILITY
Advanced Manufacturing And Information Technologies
Culture
Organizational
Suppliers leadership Customer
Memberships
reward system
Fig. 26. Model of Organizational Agility.

Customer Requirement AGILITY Technology

Competition criteria
Market DRIVERS Social Factors
AGILE ENTREPRISE
Enrisch and satisfy Customer

Cost Robustness
Time Function
Quickness Competency
Agility capabilities Responsiveness Flexibility
AGILITY ENABLERS/PILLARS
Leverage people Master change Collaborative

information technology Uncertainty relationships
(Foundation) (Control) (Strategy)
Fig. 27. Conceptual Model for an Agile Enterprise.
In short, the number of changes and their type, specification or feature, cannot
be readily shaped and are probably indefinite. Therefore, the authors (Lin et al.,
2006) have evolved a model containing four aspects to be agile. The first prospect
is that customer requirement, competition criteria, market, technology, and social
factors are changing competition in business environments (Agility drivers). In
the second aspect, the agile organization tries to enrich and satisfy customers
based on components such as cost, time, purpose, and hardiness. Agility capa-
bilities involved in the third facet are flexibility, responsiveness, quickness, and
competency. The proposed model is presented in Fig. 27.
4.4.5 Swafford, Ghosh, and Murthy (2008)

The authors proposed a process based on a framework of agility in an organi-
zation’s supply chain. Three key factors that define the flexibility of the attrib-
utes of three fundamental processes of the supply chain in a firm of logistics or
distribution, procurement or sourcing, and manufacturing are presented in their
framework.
Also, they emphasized the factors that constitute the history of its supply
chain agility; they also develop the structures and assumptions for the supply
chain agility, as presented in Fig. 28.
4.4.6 Ramesh, Mohan, and Cao (2012)

According to Ramesh et al. (2012), the strategy of the company is influenced
by different elements like environment, socioeconomic, legislative, technologi-
cal, and globalization changes, which increases the complexity of its information
SUPPLY CHAIN
FLEXIBILITY
Increased supply
COMPETITIVE
INFORMATION chain flexibility
BUSINESS
TECHNOLOGY increases supply
PERFORMANCE
INTEGRATION chain agility
SUPPLY CHAIN
AGILITY
Fig. 28. Conceptual Model for Supply Chain Agility.
system and the ferocity of competition. For a company to be sure of its position
in a context characterized by a rapid and a random change in external environ-
ments, it must have a fast adaptation policy, a strategy to rapidly make significant
changes for all systems to align it with its strategy and conversely; which means,
it must always be agile. Therefore, to achieve enterprise agility, it is necessary to
consider the information system agility as an objective.
In their papers, the researchers discuss the assessment of agility in the POIRE
(Process, Organization, Information, Resource, and Environment).
According to the authors, first of all, we must define the target IS, which will
best serve the company’s strategy, and satisfy the business process, in short, an
aligned information system; Second, to lay down construction rules that allow
the system to avoid repeating gaps in the old information system and anticipate
changes, in short, an Agile IS. Finally, determining the trajectory transformation
from the present IS to the target IS, it needs to emphasize the current informa-
tion system in order to define appropriate criteria for achieving the restructuring
phase. This model is presented in Fig. 29.
4.4.7 Atapattu and Sedera (2014)

The authors (Atapattu & Sedera, 2014) propose a research model for detection,
response, and customer satisfaction, as shown in Fig. 30. The authors argue that
“customer satisfaction” will be at its highest level when a company’s detection
Fig. 29. POIRE Agility Evaluation Approach.
AGILITY
Sense Response
Mobile (Customer’s (customer Firm
CRM use of perceived performance
mobile CRM ) Responsiveness )
Fig. 30. Business Agility through CRM for Customer Satisfaction.
and response capabilities are aligned. Starting from the argument that increased
CRM use by customers enhances an organization’s opportunities to detect cus-
tomer needs, CRM becomes a substitute measure for corporate perception.
According to this agility alignment module, the company can execute these pro-
jects in response to the client’s changing demands since the company’s actions are
based on CRM information.
Through CRM use, customers can recognize that the company meets their
specific needs through the real experience they perceive. In other words, a com-
pany’s responsiveness is reflected in the company’s responsiveness as recognized
by the customer. The actual customer experience then determines the level of
customer satisfaction, as customers perceive that the company is meeting their
unique needs. Through CRM use, customers can recognize that the company
meets their specific needs through their perceived real experience. In other words,
a company’s responsiveness is reflected in its reactivity with its customers.
4.4.8 Park, El Sawy, and Fiss (2017)

The authors (Park et al., 2017) propose a configurative approach to support OA
and maintain competitiveness by explaining how IT, corporate, and environmen-
tal elements combine to achieve the desired results. Fig. 31 illustrates the com-
ponents and suggests specific, rather than general, prescriptive causal recipes for
producing OA in specific organizational and environmental contexts.
4.4.9 Morton, Stacey, and Mohn (2018)

In their study, Morton et al. (2018) propose a framework for IT executives. This
framework brings these practitioners together with episodes of practice and asso-
ciated practices to build and maintain strategic agility, as shown in Fig. 32. The
frame includes practical and theoretical strategy work to conceptualize IT execu-
tives as strategy practitioners. It demonstrates their role in strategy development,
that is, building and maintaining strategic agility through the interaction of dis-
tinct sets of practices in episodes of strategic practice. The results emphasize that
IT executives contribute, through their practices, to strategic agility in several ways.
4.4.10 Wu (2019)
In their work, Wu (2019) proposes an IS integration to improve supply chain agil-
ity, based on four key elements. First, on customer sensitivity, for a rapid response
Fig. 31. Producing Agility through IT Configuration.

LEADING
BALANCING MONITORING
Executive APPLIYING FOSTERING
IT-leaders BALANCING CONSOLIDATING
Strategic Agility ADABTING EVOLVING
Practices LEVERAGING MONITORING
DEVELOPING REPORTING
Explore Internal
And Effectively Manage Episodes Of
Building And Strengthening
External Communicate Tensions Strategy
Maintaining Strategic
Organizational And Within Praxis
Strategic Agility Influence
Domains Collaborate Organizations Over Time
Executive
IT-leaders
As Strategy
Practitioners
E.g CIO, CTO, Vice-President of IT
Fig. 32. A Framework for Executive IT Leaders to Strategic Agility.
to customer needs. Secondly, by delivering real-time information to detect

changes, at the customer level and market developments, to improve product and
volume flexibility. Third, cooperation within the organization for synchronization
between staff and organizational sub-units, which are essential in the implemen-
tation of necessary actions to meet the continually evolving needs of customers.
IS integration enables communication by real-time synchronization of informa-
tion across the entire supply chain. Fourth, virtual integration facilitates a process
of improving agility by encouraging the free flow of information and exchange of
ideas, such as collaborative organizational work. Systems’ integration leverages
the value of information by crossing internal and external organizational bound-
aries, thereby providing the necessary information. Systems’ integration leverages
the amount of information by crossing internal and external organizational bor-
ders, thus providing essential information, as shown in Fig. 33.
4.5 Discussion and Critics

4.5.1 Discussion
The IS Agility has attracted the attention of researchers since the 1990s with arti-
cles proposing many approaches and concepts for organizations and their infor-
mation systems in order to respond off the new requirements of organizations,
information systems, employees, and customers.
At the beginning of the twenty-first century, agility research has evolved from
the general explanation of the agility paradigm to the explanation of agility
through the attributes of the computer system, the development methods, and
practices of outsourcing, and the (IS) staff. Research on IS agility was therefore
Fig. 33. IS Integration to Improve Supply Chain Agility.
divided into different sub-areas such as Strategic IS Management, Business agil-

ity and the value of IS applications, IT Infrastructure, Skills of IS Professionals,
Governance of the IS, Methods used in IS development, and Methods used in
Software Development, which give diversity in research presented to date.
The strategic agility of IS presents a severe challenge for researchers. The
agility notion still not clearly defined and conceived, although the primary
and the principal drivers of agility such as People, R&D, Legal changes, Strat-
egy changes, technology change, and Future changes have been cited in the
literature review.
Nowadays, the above agility requirement constitutes a significant preoccupa-
tion of organizations, which seeks more flexibility and reactivity to cope with
several changes. In other words, SI must have the capacity to modify its structure,
after a pertinent analysis of the existing IS, and their requirements.
4.5.2 Critics
We do not find a general definition of agility; there are various opinions about
the meaning of agility concept. In research, the term of agility is used to define
the way that (IS) can be adapted to cope with the unpredictable change emerging
from internal or external the organization.
No one of the above models has cited IS security, such as a driver for agility.
Also, the proposed models and methodologies do not get up any systemic pro-
cess for the implementation of agility except (Zhang & Sharifi, 2000). Also, the
proposed models are primarily based on manufacturing area and do not give a
holistic and comprehensive approach to agility measurement and improvement in
another organizational context, such as the organization operating in the public
or service sectors.
These models proposed a methodology for enhancement of flexibility,

but no one of them suggests a practical method for agility assessment and
improvement.
4.6 Agility Components

As mentioned in the literature section, one of the most interpretations to define
the agility concept is “the capacity to adapt to changes” (Conboy, 2009). Informa-
tion technology is thought to be an essential ability for increasing OA (Woodard,
Ramasubbu, Narayan, Tschang, & Sambamurthy, 2013). According to Lu and
Ramamurthy, IS agility is generally considered as an enabler of a firm’s agility.
Acknowledges that, which IT capability as an underlying component reflected in
three dimensions:
⦁⦁ IT infrastructure capability (the technological foundation);

⦁⦁ IT business capability (business-IT strategic thinking and partnership); and
⦁⦁ IT proactive stance (opportunity orientation). In this perspective, IS must first
identify agility drivers to determine the required level of IS agility. To define
the current level of IS agility, we must identify the agility providers. This latter
helps IS to improve their existing capabilities and specify the capabilities to
promote the ability to face changes.
4.7 Agility Drivers

According to Markus and Robey (1988), conceptual models are generally derived
from process theories or variance (factor); also, researchers have cited several fac-
tors about drivers, capabilities, and providers.
According to Zhang, the drivers of agility are the changes/pressures emerg-
ing from the business environment, which are necessaries for a company to find
new solutions in order to maintain its competitiveness. Also, Susarla et al. (2012)
argue that new emerging operational priorities require new IS capabilities. In
Table 5, we have listed seven different categories of drivers change relevant to
information systems: Strategy, Technology, Legal changes, People organizational,
Security and, finally Research and development (R&D).
4.8 Capability
The literature has indicated three types of IS capability:
⦁⦁ Technical capability: Refers not only to the specific technical specialities

(including programming, understanding software development processes and
knowledge of operating systems, database systems, and other such areas), but
is also concerned with the understanding of where and how to deploy IT effec-
tively in order to support the strategic goals and objectives of an organization
(Lee et al., 2006). IT personnel with robust technical capability are more likely
to provide practical technical solutions faster.
Table 5. Agility Drivers Types.
Type Drivers Authors

Technology IT architecture Zhang and Sharifi (2000)
Planning and development Felipe, Roldán, and
The introduction of new LealRodríguez (2016)
technologies Fink and Neumann (2009)
Joachim et al. (2013)
Strategy Business value (IT Overby, Bharadwaj,
investments) and Sambaurthy (2006)
Assessment framework
Analysis and planning
Governance
Migration planning
Development
Managing strategic
changes
People Client satisfaction Avital et al. (2006)
Personnel skills and
competencies
Customer requirement
Interpersonal and
management skills
Security Attacks Kankanhalli, Teo, Tan,
Vulnerability and Wei (2003)
Incidents Pereira and Santos (2010)
Intrusions Soares and Sá-Soares (2014)
Breaches Polónia and de Sá-Soares
(2013)
R&D Best practices Weill, Subramani, and
Management IS Broadbent (2002) Hugoson,
Work process Magoulas, & Pessi (2008)
Rules Zheng, Venters, and
Cornford (2011)
Wang, Conboy, and
Cawley (2012)
Organization Competitors’ actions Sambamurthy, Bharadwaj,
environment Economic shifts and Grover (2003)
Overby, Bharadwaj, and
Sambaurthy (2006)
Legal Regulatory/legal changes Overby, Bharadwaj, and
Sambaurthy (2006)
⦁⦁ Business capability: Relates to the ability of IT personnel to comprehend the

business processes they support as well as the organizational consequences
associated with the practical solutions they implement. Such ability requires
general business knowledge, organization-specific knowledge, and knowledge
to learn about business functions (Byrd, Pitts, Adrian, & Davidson, 2008;
Fink & Neumann, 2009; Lee et al., 2006).
⦁⦁ Personnel capability: Means a set of interpersonal and management knowl-
edge and skills which are especially critical to IT personnel who habitually
assume a boundary spanning role in their organizations (McCann et al. 2009).
Such capability includes project management, team collaboration, planning,

presentation and communication, organizing and leading projects, etc. (Fink &
Neumann, 2009). IT personnel with strong behavioral capability are often sensi-
tive to organizational culture and politics, which makes them work efficiently and
effectively across business functions.
Researchers suggest three main phases to agility: drivers, capabilities, and ena-
blers or providers. Several factors have been emphasized on the capacities of driv-
ers and enablers in the IS fields. Here, we combine those elements to form a new
and complete model of OA areas. Fig. 34 describes the different component to
achieve agility.
Fig. 34. Agility Types of Research Components.

4.9 The Proposed Conceptual Model to Achieve

Strategic Agility
In Fig. 35, we proposed a model for a practical methodology of IS strategic agil-
ity. This model suggests that any IS requires to examine external and internal IS
environment. At the first step, IS must sensing diverse internal and external driv-
ers. These factors represent the organizational strategy, technology, people, legal
changes, intra-organizational context, technology, security, R&D, organizational
environment, and so on. At the second stage, it is essential to identify the drivers
that press on IS to change or challenge the IS life and survive. Therefore, it needs
to resolve rapidly and efficiently agility’s drivers as they meet with those factors,
which require the identification, categorization, valorization, and prioritization
Sensing
Strategy IDENTIFICATION
TREATMENT & ANALYSIS
Ogranizational
D RI VERS
Technology CATEGORIZATION
Security
People VALORIZATION
Legal
R&D
PRIORITIZATION
Results
communication DBPA
Determined Capacity
&
Readjustment
Determined / Update PSIS
Analyse
&
Strategy Formulation
Diagnostic
Agility
Level need
Implementation
Gap Analysis
Current
Measuring Agility level
Agility Level
Fig. 35. A Conceptual Model to Achieve IS Agility.

of changes faced by the company, as well as the analysis of the impact individual
changes will bring to the company.
The results of this and previous stage can be analyzed in order to determine
the strong and weak point. At this position is should determine an agility level
needed to react with an efficient way to the changes or pressures. The IS needed
agility level is considered equivalent to the degree of drivers change impact. The
difference between the required level of agility and the existing constitutes a sup-
plementary pillar of decision-making after its analysis. In this work, the results of
the examination are typically classified into four types:
⦁⦁ The IS does not need to respond.

⦁⦁ The IS agility level is satisfactory to answer to changes as might be encountered
in the future.
⦁⦁ The IS must be agile but not in an emergency.
⦁⦁ The IS must be agile effectively and urgently.
The next step following the measuring of needs agility is to define the neces-
sary agility capabilities in the aim to become agile. The last stage of the model
requires determining the agility Drivers, which could provide the necessary capa-
bilities, implement the identified providers, determine the current agility level, and
finally formulate corrective actions in order to enhance performance. It should be
noted that some tools must be developed to support appropriately carry out the
above model.
4.9.1 Sensing
Recall that the allied forces of environmental change include competitor actions,
strategic changes, and changes in consumer preferences or IS staff skills, eco-
nomic changes, regulatory and legal changes, and technological advances. These
different changes require a standby to detect any potential changes regarding
each of these types.
For example, an organization needs the capacity to sense market changes,
track competitors’ actions, consumer preferences change, and economic changes.
Furthermore, sensing regulatory and legal changes that have an impact on a
company is a necessity and this is through government relations’ department or
legal service. Finally, practical research, development, and IT capabilities will be
required to detect technological progress and how an organization can exploit
them to take competitive advantage.
According to Brynjolfsson and Mendelson (1993), the information system is
the core of the company. Viewing its role, the IS must have a strategic intelligence
sensing on all elements influencing the company and its strategy. According to
Brynjolfsson and Mendelson (1993), the information system is the company core.
Viewing its role IS must have sensing on all elements, influencing the company
and its strategy. Today an essential flow of information requires a daily listening
on Aggregators, alerts, RSS feeds, networks social, ERP, and so on, to detect an
opportunity or anticipate a menace. Table 6 illustrates the types of sensing which
organization can adopt.
Table 6. Sensing Types.
Sensing Types Temporal Target Actors

Horizon
Scientific Permanent Scientific database Department of Prospective
long-term Scientific congress Department Strategy
Journals and R&D
scientific reviews
Societal Permanent Political actors Department of perspective
long term Study of cultural, Department strategy
political, social, R&D
and historical
factors Product Manager
Public opinion Division of Product
Commercial Permanent Analysis of Responsible Operational
and competitive Short Term competitive Divisions
movements
Alternatively, the
introduction of
new products
Analysis of a
market event
Strategic Short Terms Detection of Top management
sensing incongruities; Agility team
Conferences, fairs,
and Symposiums
Social media Permanent Analyze information Marketing managers
Sensing long-term on current topics
related to their
companies
⦁⦁ Scientific sensing, which covers all areas that could give the company a com-
petitive advantage based on scientific evolution (science, technology, processes,
and methods).
⦁⦁ Societal sensing: This sensing consists of discerning among a certain number of
changes “demographic evolution, cultural changes, ...” the significant changes,
which are taking place in society and which risk transforming or disrupting the
company and its environment. Through the study of cultural, political, social,
and historical factors, institutional, political actors (state, administrations,
local authorities, trade unions), public opinion, the evolution of regulations,
and the environment.
⦁⦁ Commercial and competitive sensing, which includes the business aspects (cen-
tered on markets, customers, business methods, etc.), moreover, competitive
(about competitors and new entrants, products, and especially new alternative
products, relations with suppliers, consumer relations, etc.).
⦁⦁ The strategic sensing, which benefits from the coordination of the various
existing watch structures. Another way to segment the various forms of what
is to distinguish them according to their time horizons, their fields of applica-
tion, and the nature of the actors required: sensing is a “continuous and largely
activity to sense a different change driver such as the technological societal,
commercial and competitive environment. That is mean to permit an organiza-
tion to anticipate changes.”
⦁⦁ Social media sensing: Nowadays, Social Media sensing has become a neces-
sity for any companies that want to plan and manage their communication
on social networks or keep an eye on competitors. Marketing managers can
analyze information on current topics related to their company. Also, it is pos-
sible to monitor exchanges of opinions, discussions, and trends in real time.
The Social Media monitoring allows having a vision on the influencing Web
exchanges. Also, identify and react at real-time to the critics.
To describe and specify the subjects that interest the organization and for
which it is required to collect data or information, it is necessary to define the
sensing axes and the purposes that should concern the strategic factor, commer-
cial, competitive, technological, legal, regulatory, economic, societal, etc. On the
other hand, identifying the objectives targeted by the decision-makers means the
strategic objectives of the company.
The sensing phase must carry out on a regular or variable data sources, giving
the right level of pertinence to the information corresponding directly or indi-
rectly to the sensing axes.
In the phase of identifying, processing, and analyzing the collected data, it is
a question of analyzing the collected information and organizing it in such a way
as to make it exploitable.
Finally, the phase of validation and readjustment after the communication of
the results allowed the adjustment by deepening or reorientation of the objectives
and means of sensing as shown in Fig. 36.
4.9.2 DBPA
DBPA (Agility DataBase Provider) will allow managing agility providers for
each organization and critical information. The establishment of a reference is
necessary to improve the level of agility of the SI and to be able to exploit it in
the future.
By centralizing the various information available after the communication
phase of the results, this will make it possible to manage all the characteristics
of all the providers managed and listened. Building a database is necessary to
improve agility. In an approach based on the results communicated and the rel-
evance of the information, the DBPA will allow managing all the characteristics
on all the agility triggers that press on the IS as:
⦁⦁ identification of the configuration items CIs and attributes associated with

each provider;
⦁⦁ the complete history of all activities related to a provider;
Definition / Redefinition
Of The Aims And The Axes Of
Surveillance
Determining Types Of Useful

Information
Identification And
Selection Of Sources Of
Information
SENSING
Treatment / Analysis Of
Collected Information
Synthesis And Perspective
Communication Of The
SENSING Results
Validation
and DBPA
Readjustment
Consultation
Fig. 36. Sensing Phase.
⦁⦁ intuitive modeling of relationships between providers;

⦁⦁ impact analysis on IS, on users; and
⦁⦁ possible solutions and actions.
4.9.3 The Level of Agility Need

Assess the level of agility needed is essential with the aim to determine the con-
texts, in which agility is necessaries and those in which agility may represent
wasteful of resources.
We estimate that environmental conditions become increasingly turbulent for

firms across success; organization agility will be necessary for firm success. The
needed agility level for an IS is considered equal to the level of IS internal and
external changes.
⦁⦁ Assessment of current agility level
It is necessary to consider the change generated by factors being marked in the

model include general actors such as Strategy, Technology, people, R&D, Secu-
rity, and organization environment. To evaluate a current IS level agility, the IS
must sense proactively the needs of an organization and its external environment
and take advantage of unexpected opportunities. Because each of these general
factors is divided into some sub-factors, the evaluation tool should also take
structure layers. A top layer corresponds to the general areas to be evaluated and
a second layer corresponds to specific agility driver of each information systems
and organization.
4.9.4 Security Policy

When an organization decides to make a change in its information systems, a
security assessment related to this change becomes a necessity otherwise an obli-
gation. In order to study each possible vulnerability, this evaluation must include
an explicit analysis of the security policy and the existing procedures. Emphasize
should be placed on detecting vulnerabilities that may or may not be used to
infiltrate or get data.
Ideally, we should start by defining a comprehensive cybersecurity strategy
and/or a cyber-risk assessment. These will give an important starting point. Fail-
ing that, we should consider the cyber standards of security that the organization
must adopt, such as risks, and contractual relationships that we must respect.
We must ensure conformity of the security policy with the standards of IS
security; we need essentially write entirely new security policies which are deter-
mined from new requirements (new capacity).
Maintain accurate registers of system files, Software, hardware problems, and
service requirements. Good knowledge and support of the technologies and ele-
ments to be introduced to the Information systems, preserve adequate support
for the end-user support process, back-office, and a backup for any application
in IS.
It should be noted that it is essential to reach a substantial agreement from the
Top management of the organizations. Otherwise, this will be the first obstacle to
non-compliance with the new policy thing that will undoubtedly affect the secu-
rity level of the organization.
4.9.5 The Proposed Model Contribution

The purpose of this chapter is to provide a conceptual model for assessing and
enhancing IS agility in order to respond effectively to any internal and external
changes in the organization.
None of the models or methodologies previously described in the literature

proposes a systematic model for the implementation of agility except Zhang
(Zhang & Sharifi, 2000). Although these models designate three parts of agility
as drivers, capacities, and enablers, but do not agree on the elements of these fun-
damental parts. Also, many steps, such as the strategy formulation, the external
and internal environmental evaluation, the agility measurement process, and the
development of action plans, are not identified and articulated.
As we have seen in the agility’s approach section, the authors have set out
many different definitions for the agility concept, but they do not agree on a
unique definition. We define agility as the ability to cope with driver changes by
using enablers in order to gain beneficial capabilities.
In summary, the main characteristics of this methodology than previous mod-
els are:
⦁⦁ The proposed model has a systematic approach to guide information systems’

direction to implement agility easily and successfully.
⦁⦁ Internal and external drivers of change are considered and determined in this
model.
⦁⦁ Many factors, capabilities, and providers have been identified in this model.
⦁⦁ Strategy formulation and action plans are mentioned in order to move away
from the traditional IS to the Agile IS.
⦁⦁ Provide many approaches to measure a level of agility that IS has gained to
re-analysis conditions and design improvement initiatives.
⦁⦁ A security policy for IS (PSIS) formulation or an update in the case of existing
PSIS must be applied in order to consider the new changes and preserve the
information patrimony.
⦁⦁ Some agility frameworks attempt to present a more integrated and holis-
tic model still has a vision mainly centered on production and technological
aspects of the company, but this model can be applied to any organization
(whether profit, nonprofit, service, public, and private).
⦁⦁ This model shows the need for a knowledge-based system for further distin-
guished the new changes.
⦁⦁ Finally, a method to measure agility must be adopted and applied frequently
to maintain the synergies of IS and Agility level, in the aim to intercept the
changes evolving from inside and/or outside the organization.
Summary
From a strategic point of view, agility lies in the conquest of new markets, in
risk-taking, in the apprehension of new social and environmental issues. Thus, at
the level of the operational strategy, it consists of an ability to integrate the stake-
holders into the business practices and a better understanding of the business by
re-estimating all the links of the chain of value in a logic of creating a competitive
advantage. In other words, talking about agility is necessarily about strategy and,
more specifically, about the organization, culture, and management model that
will make it possible to best relay the need for reactivity.
This chapter introduced the concept of agility in enterprise information

systems and the frameworks for producing and evaluating agility. Although these
frameworks are relevant, they are still at the conceptual stage and therefore of
limited scope and maturity. To be able to define new methods and improve exist-
ing ones, integrated methodologies and tools to take into account the concept of
agility throughout the life cycle of the information system would be a consider-
able contribution for companies, which must find effective ways to survive and
evolve serenely in the current economic environment characterised by fierce com-
petition and rapid and random changes.
Chapter 5
Strategic Agility for IT Service

Management: A Case Study
Abstract
In order to support transformational business change, IT needs to streamline
the process of bringing new IT processes to life.
In today’s ever-changing business world, nobody knows what is around the
corner, so improving agility is the best way to the future-proof organization.
IT Service Management is the ability to collect data, analyze it, to make
reports, and to implement improvements in agile mode, sometimes make
it challenging to manage all these informational organization assets effec-
tively. To perform real-time monitoring of these activities, manage, and
be able to involve the final user in the heart of the IT process, or reduce
operating cost, agility is the ideal solution.
In this chapter, the authors propose a global strategic model to improve
Information Technology Service Management service management pro-
cesses with the additions of two drivers: agility management and security
management.
5.1 Introduction
According to Brooks (2006), IT service management tools deal with many IT
service management measurements, and most of it will be attractive to people in
the related departments with the same activities. Metrics are identified to show
development and the performance of the system. Therefore, there are three types
of metrics to improve the quality level of the evaluation framework such as effec-
tiveness, capabilities, and efficiency. These elements could be matched into any
technology, process, or service that focuses on Operational Level (Service Sup-
port Domain), Tactical Level (Service Delivery Domain), and Strategic Level.
This chapter aims to identify the crucial aspects that propose a comprehen-
sive framework for Information Technology Service Management (ITSM) effi-
ciency. It was collected from a theoretical and empirical research study that

doi:10.1108/978-1-80043-810-120211006
generated answers to the sub-level research questions. The author tried to extract a
framework based on the literature review and various sources from the practical
environment. The framework was used within the far-reaching empirical study to
find ways to compare and identify different corporation metrics. The organizations
were becoming more reliant on a comprehensive framework to control IT service
management in organizations; how Information Technology Infrastructure Library
(ITIL)-ITSM best practices affect organization efficiency and problem-solving.
The IT department’s responsibility for maintaining and securing the IT envi-
ronment now includes all devices’ employees use, but budgets and IT resources
are limited. The framework ITSM proposed exploits the good practices of ITIL
and ISO 2000 and integrated new strategic axes such as agility and security in
order to propose an efficient and agile IT service management. It replaces the
traditional IT services of the “control and control” type, oriented peripherally by
a complete integrated, user-oriented approach with the integration of four disci-
plines of IT management (Service management, Security management, Agility
management, and Asset management).
The IT department’s responsibility for maintaining and securing the IT envi-
ronment now includes all devices employees’ use, but budgets and IT resources are
limited. Agility is the right solution for IT departments to streamline IT processes
and manage all aspects of end-user productivity. The objective is to reinforce the
traditional IT services of the “control and control” type, oriented peripheral by a
complete integrated approach, oriented user. ITSM increases the level of the com-
munication efficiency between business departments and provides a structure to
plan, research, and implement IT services. The needs of IT service management in
organizations can be changed in the ways they do business, communicate, and also
develop and innovate, gain market advantage and differentiate themselves to their
customers (Brooks, 2006). Also, ITSM allows companies to internally govern and
follow the set of global standards. For a better understanding of the ITSM concept
in the organization, reviewing the ITSM component would be useful. ITSM com-
ponents consist of Process, Technology, Manpower (people), Organization, and
Security, which is recently added to the organization construction to improve the
system security (McNaughton, Ray, & Lewis, 2010; Park, Kim, Choi, & Jun, 2008).
As mentioned earlier, the IT service is connected to the four fundamentals of
ITSM. Therefore, when IT is aligned with the business strategy and the organiza-
tion, it can do what it wants to do. Furthermore, IT and new technologies enable
the organization to do new things that were never possible before (Silva Molina,
Plazaola, Flores, & Vargas, 2005). The strategic outcome is that the overall busi-
ness benefits from active IT-related service and IT benefits that are integral to the
company’s business plans will be delivered to the maximum economic value.
In the literature and even references such as ITIL, ISO 20000, and Cobit (van
Grembergen & De Haes, 2009a), there is no practical, concrete, and agile model
for the implementation of IT services and assets management in organizations.
In this work, we propose a global, practical, and agile framework for supporting
IT Service management ITSM. The proposed framework surpasses the limita-
tions of existing methods/referential and meets the needs of international stand-
ards regarding flexibility and agility to improve ITSM processes. This generic
Strategic Agility for IT Service Management 95
framework will help any organization in the implementation of an agile, secure,

and optimal IT Service Center. We measure the proposed framework by adopting
a continuous improvement process based on DevOps (DevOps is the concatena-
tion of the first three letters of the word “development” and the usual abbrevia-
tion “ops” of the word “operations”) and the PDCA Deming cycle.
5.2 IT Service Management ITSM

During the last two decades, the ITSM related frameworks have provided a better
systematic approach to the management of IT services in the fields of IT operation
to continual improvement, implementation, and design (Marrone & Kolbe, 2011).
For example, different studies have concentrated on the adoption of IT Service
Management (ITSM) as a “particular service-oriented best practice.” According
to Winniford, Conger, and Erickson-Harris (2009), about 45% of US corporations
are operating an ITSM, while 15% are preparation its usage. IT service manage-
ment is somehow the quality customer service that tries to ensure that customer
needs and expectations are met at all times (Tan, Cater-Steel, & Toleman, 2009).
In “ITIL: What It Is, And What It Is Not,” Hank (2006) examined in the meas-
uring techniques of successful companies when implementing the ITIL-best prac-
tice. He describes Service Support and Service delivery and explains its stress on an
ITSM-ITIL best practice that it does not stand alone, and it could be successful when
applying to other practices. The authors define three significant tasks, which define
appropriate goal setting through a Process Maturity Framework (PMF), rigorous
auditing and reporting through a Quality Management System, and Project Man-
agement, and a Continuous Service Improvement Program, to support ITIL-usage.
Furthermore, he also provided more information about business-aligned IT process
and continuous improvement of the tactical and operational components, especially
those processes that focused on service quality by clients and users (Hank, 2006).
Apart from the other works on improving the efficiency of IT service man-
agement field, there is a real-life example of a case study, which is focusing on
IT framework, and Service Strategy process of Steel Manufacturing Enterprise
(SMC). In a manufacturing enterprise, Yao and Wang (2010) used integration of
COBIT and ITIL best practice to implement and improve the ITSM framework.
They introduced an approach to service strategy evaluation framework in SMC
by providing indicators for the different evaluation process to improve the result
from ITIL implementation and to increase the improvements on changed IT pro-
cesses; they use different approaches to find the problem of Business-IT-alignment
in SMC. The approach aims at minimizing the difficulty of business-IT-alignment
in importance within the IT community. In the same article, Bartolini, Sallé,
and Trastour (2006) has suggested an IT Management by Business Objectives
method, which is a unique way to ensure business strategic objectives-IT align-
ment, by defining a new system for decision support in ITSM. It is closely related
to the ITIL component in operational level and tactical level of theoretical.
In “E-government: ITIL oriented Service Management Case Study,” Meziani and
Saleh (2010) developed a service management self-assessment plans for the govern-
ment agency to support the continuous quality improvement of IT processes
based on ITIL governance – gap analysis methods concerning ITIL standards

(Meziani & Saleh, 2010 ).
In their work entitled “Managed IT-Services: The role of IT standards,” Kum-
bakara (2008) argues the practical issues based on standards and the manage-
ment of IT services delivered by external or outsourced service providers. Here,
the purpose of the authors is to assist IT organizations to recognize the signifi-
cance of having a mutual standard for managing IT services.
van Grembergen and De Haes (2009b) illustrated a set of best guides and
practices (COBIT Framework) for IT management control and assurance of
information technology, and categorized them around a logical framework based
on 34 IT processes.
Marrone and Kolbe (2011) studied the benefits of both operational and strate-
gic of IT Service Management. The research outcome indicates that as the imple-
mentation of ITIL increased the number of realized benefits, like the levels of
maturity of the Business-IT-Alignment.
Wilcocks in his book entitled “Information management: the evaluation of
information systems investments” (Willcocks, 2013), the author proposes dif-
ferent approaches to evaluating practice at strategic levels and during the pre-
purchase phase of IS assessment. In the book “Asset management: A systematic
approach to factor investing,” the authors (Ang, 2014) introduce a comprehen-
sive and new approach to the secular problem of where to place your money
in IT Asset Management. In recent works “Reducing the cost of test through
strategic asset management” (Lowenstein & Slater, 2016). The authors explore
the balance of the three fundamental aspects that make up asset management
and will focus on how to implement strategies to reduce the total cost of owner-
ship for the test.
Most of the ITSM Organizations consider Service Support process as a dif-
ficult task. Difficulties are mainly due to the following reasons:
⦁⦁ IT organizations do not have a structured approach to measuring IT service

and service management processes.
⦁⦁ Different tools exploited by IT Support Service Teams do not enable useful
measurement.
⦁⦁ IT service management standards and frameworks do not provide practical
examples of how to measure the support process (Lahtela, Jäntti, & Kaukola,
2010).
⦁⦁ Therefore, the IT organization needs a structured approach for measuring IT
service support process such as ITIL 4 or the other reliable sources to increase
IT quality of services. So, implementations of the service support process are
chosen as a priority to help as a result of continuous improvement in ITSM.
5.2.1 Agility in ITSM

As discussed in Chapter 4, in IS research, the agility concept has been intro-
duced in early 1990 (Ciborra, 2009; Clark, Cavanaugh, Brown, & Sambamurthy,
1997; Markus & Benjamin, 1996; Sharp, Bamber, Desia, & Irani, 1999). After the
success of agile methods in computer development, in research, the concepts of

flexibility and agility have been associated with the broader challenge of combin-
ing complex computer systems with unexpected changes, sometimes surprising in
user needs, business processes, company structure, strategy, markets, and society
in overall. At the beginning of the year 2000, the emphasis was on other attrib-
utes of Information System (IS) explain agility through IT, development methods
(IS), and IS outsourcing practices.
In the literature, we deduced that is a lack of a unique definition of the agility
concept. The Agility Research in (IS Agility) was devised on several axes (Fink
& Neuman, 2009; Holmqvist & Pessi, 2006; Hong, Thong, Chasalow, & Dhillon,
2011).
However, there is a lack of research regarding agility in IT Management Sys-
tems. Although the IT function, in all its dimensions, gains in flexibility, and
reactivity, the IT system function is at stake and must have the capability
to accelerate its adaptation to business needs, market requirements, and the
strategic alignment of the IS and the organization. Agility is the best solu-
tion to cope with different internal/external changes. DevOps is a set of best
practices and changes guidance that ensures development, assurance, and
quality improvement and operations to respond effectively better to customer
needs. Patrick Debois invented the w``ord DevOps during the organization
of the first DevOps days in Ghent, Belgium, in October 2009. The organiza-
tion must accelerate the delivery of new functionalities and software features
to ensure competitiveness. This is the idea behind agile application/software
development processes that are now widely used by application delivery teams
to reduce delivery cycle times. DevOps can be applied in the ITSM field, in
order to benefit from it and to ensure an efficient and flexible ITSM in the
organization. In recent work (Gene, Jez, Patrick, & John, 2016), the authors
argue that more than ever, effective technology management is essential for
business competitiveness.
For decades, technology leaders have struggled to balance agility, reliability,
and security. The book does not focus on tools such as infrastructure for exam-
ple code, containers, or configuration management. These are people, culture,
and processes. The book creates a language to describe DevOps and a com-
mon understanding. The authors show leaders/practitioner how to reproduce
these incredible results, showing how to integrate IT operations, development,
product management, quality assurance, and information security to raise
your business and win in the market. DevOps helps the organization to bring
together key players (companies, applications, and ops) with a focus on col-
laboration, automation, and monitoring, resulting in better application deliv-
ery speed with quality. Here are some of the ways DevOps helps to generate
business value:
⦁⦁ Obtain a competitive advantage. Accelerate the output of applications in pro-

duction – faster response to business demand.
⦁⦁ Increase the efficiency of IT resources. Automate provisioning and deploy-
ment. Delete the manual processes.
⦁⦁ Enable better and faster decisions. Create an immediate feedback loop.

Identify problems earlier in the process.
⦁⦁ Hang on to business requirements. Bring new applications and updates to the
market quickly to create satisfied customers.
In recent work, Abdelkebir, Maleh, and Belaissaoui (2019) proposed a holistic

and practical strategic framework to improve ITSM service management pro-
cesses with the additions of two drivers Agility management based on DevOps,
and an agility PMF.
There are no instructions to follow to adopt an agile way of working. This one
requires a change of culture, knowing that change. The most important thing is to
get the company to embrace change with open arms. Traditionally, we will try to
limit change: we create a schedule and then try to stick to it as much as possible.
In the Agile spirit, we assume that plans will eventually change, and we forget
about immutable patterns. The goal is clear, but the path to it can change. Being
Agile means following a process of continuous improvement.
Axelos, the organization that owns ITIL, published in 2019 the new version
of the ITIL repository, called ITIL 4 Edition. This new edition redesigned the
already well-established principles of ITSM by taking into account new techno-
logical challenges and new operating modes, such as agility, Lean, or DevOps.
This new version encourages organizations to break down silos, foster collabo-
ration, and communication within organizations, and adapt to new IT trends.
ITIL also encourages its practitioners to keep practices pragmatic and straight-
forward, which can result in a recognition that too many organizations have
tried in the past to implement ITIL to the letter, making ITSM complex and
inflexible.
New concepts have emerged from this new opus, such as the Service Value
System, which is a co-creative value system adapted to the concepts of Agility,
DevOps, and Lean.
ITIL 4 proposes a continuous improvement model that can be applied to
all elements of the Service Value System (SVC) (practices, etc.). This model is
intended to be a high-level guide to support improvement initiatives, with a strong
focus on customer value, and ensuring consistency with the organization’s vision.
The model, based on the principles of agility, introduces an iterative approach
and divides tasks into incrementally achievable objectives.
ITIL 4 reinforces this proximity by offering a framework adapted to recent
trends such as agility, Lean IT, DevOps, and Cloud Computing. It builds on
ITIL’s initial philosophy: to draw inspiration from best practices and apply them
so that they are best suited to organizations.
ITIL 4 does not provide a practical framework for merging agility with IT
service management. The main objective of this chapter is to propose a prac-
tical agile framework for IT service management based on best practices of
ITIL 4 and agility concept. The proposed framework surpasses the limitations
of existing methods/referential and meets the needs of international standards
in terms of agility and flexibility to improve and enhance ITSM processes. This
generic framework will help any type of organization in the implementation of an
agile, secure, and optimal IT Service Center. The proposed framework adopts a
continuous improvement process based on DevOps and the quality management
method PDCA (plan-do-check-act) PDCA.
5.3 The Proposed ITSM Framework

5.3.1 Framework Overview
ITSM increases the communication effectiveness of business units and provides
a structure for planning, reviewing, and implementing IT services. The needs of
ITSM in organizations can be changed in the way they operate, communicate,
and do business, but also in the ways they develop and innovate (Brooks, 2006).
The proposed ITSM framework exploits best practices (ITIL, COBIT, and ISO
2000) and incorporates new strategic directions such as agility and security man-
agement to deliver an efficient and a flexible ITSM (Sahid, Maleh, & Belaissaoui,
2018). It replaces the traditional IT services oriented devices with a completely
integrated and user-oriented approach based on four disciplines of IT manage-
ment (service management, asset management, agility management, and security
management). The proposed maturity framework is a comprehensive suite of
proven management practices, assessment approaches, and improvement strate-
gies covering 4 IT capabilities, 22 objectives, and 80 controls.
The proposed framework classifies IT activities across the following four high-
level activity categories:
⦁⦁ IT service management provides oversight structures to support services.

Implement IT service strategy, process, and controls. Manage incidents, prob-
lems, and changes. Define service levels. Optimize the availability and manage
supplier capacity and requirements.
⦁⦁ IT asset management provides resource management provides asset budgets,
tools, and resources, and measures the resource efficiency of asset investments.
Manage assets and data throughout its lifecycle.
⦁⦁ IT security management implements measures to manage IT security services,
risk control profiles, security threats and assesses prioritizes, handles, and mon-
itors security-related risks.
⦁⦁ Agility provides the ability to respond to frequent and unpredictable changes
by implementing fast and effective changes without disrupting everything. The
approach is based on DevOps with three components (People, Process, and
Technology).
As Table 7 shows, these high-level activity categories are decomposed into 22

IT control objectives.
5.3.2 Framework Maturity Profile

In the significant modern organizations, it is no longer possible to manage IT ser-
vice and assets on an ad hoc basis, or by deploying only technical solutions. Instead,
Table 7. The Proposed Framework Capabilities.
ITSM Functions Control Objectives Description

IT Service Self-service desk Give a single point of contact
Management (SPOC), allowing users to contact
IT support
Incident management Ensure that the normal exploitation
of services is restored as soon as
possible and that the business
impact is minimized
Problem management Manage problems. Identification
and classification of problems
Change management Manage changes. Change status
tracking and reporting
Release and deployment Install and accredit solutions and
management changes
Experience level Define and manage service levels,
management Monitoring and reporting of
service level Agreements based on
client experience
Availability management Optimize the availability and
reliability of IT services and of the
supporting IT infrastructure and
organization, in order to meet the
business requirements
Capacity management Ensure that IT infrastructure is
delivered at the right time, at the
right price and in the right quantity
to maintain the quality of service
aligned with business needs
Configuration Support IT complexity
management database management by refocusing the IT
CMDB organization on business services
IT Asset Asset discovery and Define the capacity to discover
Management inventory assets across the enterprise network,
whether they are at the corporate
site or in remote locations
Configuration Manage all changes made during
management the system lifecycle
IT financial management Helping the business to assess
whether its IT Service is doing the
best it can with the money it has
ITSM Functions Control Objectives Description

Asset lifecycle Track IT assets such as laptops,
desktops, printers, and other
consumables within the
organization
IT Security IT service security Develop and train incident
Management management response teams to identify and
limit exposure
Manage user access rights to
information throughout its lifecycle,
including granting, denying, and
revoking access privileges
IT asset management Implement measures to protect all
IT components, both physical and
virtual, such as client computing
devices, servers, networks, storage
devices, printers, and smartphones
Vulnerability and risk Identify exposures to security-
management related risks, and quantify their
likelihood and potential impact
Compliance management Compare security assessment
results with standards’ requirements
IT Agility Strategy and process Define the clarity of business
Management plans, values, and goals of the
organization
Flexibility of structure Manage the organization resources
when business needs arise, and
define if the size of the organization
is adaptable to need that arises
Up-to-dateness of Use state-of-the-art technologies,
technology systems and advanced systems to improve
processes
Staff competency and Develop organization employee’s
skills skills through training. Motivate
and maintain proficient employees,
whether the organization has
appropriate communication,
technical, and managerial skills
Organizational agility Define the ability and flexibility to
aligned capabilities with business
needs
these organizations need a holistic approach that applies agile management and
good governance across the organization, and through which all levels share the
fundamental values of visibility, accountability, and responsibility. For each ITSM
functions, the framework defines four maturity levels that serve as the basis for
understanding an organization ITSM capability. The assessment scope would cover
only the critical processes of the service operation and the service transition. Data
collected through interviews, workshops, literature review, and site visits. A time-
based assessment aims to determine the maturity level of each ITIL process. Based
on the collected answers, the scores are tabulated using a spreadsheet tool (more
details in the research methodology section).
5.3.3 The Attainment Model

Level 0 – None: No process/documentation in place. No standards and Tool. As
far as asset management is concerned, it is non-existent. We do not spend much
time characterizing this level, because service and asset management do not hap-
pen systematically. Other attributes of an ITSM program, such as governance,
staffing, processes, policy, and parameters, are not considered at this level. As a
result, costs and risks are high, delays are extended, and the quality of service is
low. The ITSM is not agile in the face of different environmental changes.
Level 1 – Initial: Maturity is characterized by an ad hoc definition of the IT
service strategy, process, and standards. Physical environments and IT asset com-
ponents are only locally addressed. The organization has a weak capacity that
does not meet operational requirements. There is no explicit consideration of
budget requirements for information security activities, and no systematic man-
agement of security risks. Security incidents are managed in an ad hoc manner.
The ITSM is static, not agile and flexible. This initial level is the place where we
attend the majority of companies that undertake an ITSM program. At this level,
costs and risks are high, delays are extensive, and the quality of service is defi-
cient. In general, it is difficult for end-users to do their job effectively when they
do not have the resources to support their work. Since there is a well-documented
skill-shortage of skilled ITSM professionals, most companies succeed by training
internal staff to fill open roles. There are no magic numbers to organize a pro-
gram, but it tends to be higher in the early stages of program implementation so
that stakeholder support is essential if the workforce needs to be shared.
Level 2 – Basic: Maturity reflects the linkage of a core business strategy, IT
strategies, and risk appetite in response to individual needs. It also includes the
development and review of ITSM policies and standards, usually after signifi-
cant incidents. IT component and asset environment guidelines are emerging.
Processes for managing the IT service, asset, and data security throughout its
life cycle are emerging. Major incidents, problems, and changes are tracked and
recorded. The process is developed, implemented, and managed satisfactorily as
a whole. The management process is identified and documented, but IT organiza-
tions as a whole do not recognize its role.
Level 3 – Defined: Maturity reflects a detailed IT service strategy that is
regularly aligned with both business and IT strategies. IT service policies and
standards are developed and revised based on a defined process and regular
feedback. IT and some other business units have agreed-on IT component and
physical environment security measures. IT budget processes identify and provide
the most significant information security budget requests for the IT Department
and some other business units. The security risk-management process is proac-
tive. Access rights are granted based on a formal and audited authorization pro-
cess. Detailed lifecycle data of security management processes are implemented.
Security incidents are managed on an emergency basis, as agreed on by IT and
some other business units. The IT Department has ad hoc involvement in budget
setting. Some ad hoc staff awareness and training. Investment is using short-term
payback criteria only.
Level 4 – Managed: A regular improvement characterizes maturity. ITSM
management strategy is aligned with the company’s IT strategies and compliance
requirements. However, policies generally target the behavior of end-users, for
example, by informing them of acceptable business practices regarding the physi-
cal security of hardware devices, software downloads, software evaluation copies,
etc., and by informing them of acceptable business practices. These policies must
be applied to both IT users and end-users, as IT staff with administrator rights
must be informed that they could create a risk in the same way as end-users. In
some organizations, for example, in highly regulated industries, it will be easy to
create a corporate culture to adhere to policies. However, other companies, such
as engineering and IT companies, will never be able to control user behavior.
At this level, costs and risks are visible because they can be scheduled annually.
Also, delays are modest, and the quality of service is increasing. The company
has confidence in IT, and end-users feel they have the resources to be effective.
Organizational agility is managed. Regular staff training, awareness-raising, and
advertising campaigns are well defined.
Level 5 – Optimized: Maturity is characterized by a high level of efficiency in
IT service management. Organizations have already solved many problems that
keep IT managers from waking up at night. Previous reactive problems have been
resolved so that both governance and policies are no longer an issue. At this level,
the focus is on aligning the IT financial management provided by the ITSM data
to enable a variety of strategic decision-making activities that are not necessar-
ily related to ITSM but that support business agility. At best, business units do
not even realize that the calculation takes place in the background. Achieving
this level of agility requires close alignment between business services through
an operational ITSM program. At this level, costs and risks are monitored and
planned monthly, delays are short-term, and the quality of service is high. Busi-
ness and IT are now linked to the same objectives.
5.3.4 Agility Management

Companies realize that they need to deliver strategic responses more quickly and
efficiently, to take advantage of the digital age, which requires pervasive agil-
ity throughout the company. ITSM teams are already focused on improving or
constructing consistent, repeatable processes that reduce downtime and improve
Fig. 37. DevOps Agility: Aligning People, Technology, and Process for Continuous
Improvement.
productivity (Anderson & Bishop, 2018). Effective initiatives within the ITSM
framework can extend the delivery and management of business services beyond
the areas of computing. Service management teams become an advisory model
for the company, and the integrated process-driven ITSM enables agility that sup-
ports the company’s strategy (Adalı, Özcan-Top, & Demirörs, 2016).
Along with the development solutions and processes, ITSM plays a crucial
role in supporting DevOps practices and objectives such as incident management,
application deployment, and performance management, to name just a few. The
conception and implementation of new agile ITSM are a real challenge. The pro-
posed DevOps model connects people, process, and technology to ensure con-
tinuous improvement of IT services, as shown in Fig. 37.
Process management: While technology management has been the central ele-
ment of IT, most IT organizations realize that poor service delivery pretty much
with technology. IT should be prepared to restore services as quickly as possible
in the event of a problem. Well-defined roles and responsibilities are essential for
service disruptions. Anyone involved in the delivery and support of the service
must perform without confusion or delay. This ability can be the critical difference
between the success and failure of an IT organization trying to establish credibil-
ity as a service provider. These situations are examples of process problems. Tri-
umphant commercial success is complicated to achieve until they are processed.
People: Clearly, improved processes are useless without people. Neverthe-
less, the people component of IT refers to more than a simple understanding of
how process re-engineering and process management affect IT, staff. It also refers
to skill sets, attitudes, and the new roles and responsibilities staff must assume
to be successful. Each of these people aspects must be transformed in order for IT

organizations to evolve from technology to service providers. IT staff skills must
change in support of new or modified jobs that result from process engineering and
changing or improving skills requires education and training. However, the proper
performance of new skills alone does not necessarily result in successful IT trans-
formation. Attitudes also need to be transformed to make the entire IT Department
more client-centric, service-oriented and aligned with the organization’s business
objectives as shown in Table 8. In practice, this means that IT organizations must:
⦁⦁ display consumers of their services as clients;

⦁⦁ expand their attention to technology to include an emphasis on service
solutions;
⦁⦁ implement measurable and accountable processes;
⦁⦁ balance development of internal solutions with outsourcing;
⦁⦁ define and develop organizational, service-oriented structures, roles, and
responsibilities; and
⦁⦁ strengthen the traditional skills of the IT system with client-centered skills.
Achieving these changes in skills and attitudes throughout an IT organiza-

tion requires a well-defined educational program that addresses processes and
technology. In most cases, organizations benefit from hiring a consultant who
understands these needs and can develop a tailor-made plan. Generally, once new
processes are implemented, and there are measurable and reportable outcomes,
people’s attitudes move toward service and customer focus. However, the tone set
by IT leadership also has a significant impact on staff attitudes.
Table 8. New Skills and Attitudes Required for an Efficient ITSM.
From To
Users Customer
Inward-looking Outward-looking
Technology focus Process focus
Ad hoc processes Rationalized, streamlined processes
Best efforts Measured, accountable processes
Entirely in-house Balanced in-/outsourcing
Fragmented, silos Integrated, end-to-end
Reactive Proactive
Operations manager Service management
System skills Listening skills
Technology: The proper functioning of new or improved IT processes often

requires significant changes to existing technologies and the integration of new
technologies into the existing IT environment. IT also requires enabling technolo-
gies with special tools to automate processes and streamline integration and inter-
process communications for the enterprise IT management.
In addition to enabling technologies, other tools may be required for a global
ITSM solution, such as tools that:
⦁⦁ allowing companies to view their Internet infrastructure, simulate, and moni-

tor business activity;
⦁⦁ monitor and analyze the impact and quality of the telecommunication service;
and
⦁⦁ provide accurate and timely service reports or create portal views giving clients
visibility into their services.
IT departments need to identify tools that require minimal customization. To

simplify implementation, reduce costs and improve processes. For example, con-
sider the benefits of purchasing a change management system that is already inte-
grated with configuration management, incident management, support system,
and service management systems. As change orders are processed, the past, cur-
rent, and future data on the IT infrastructure can be retrieved automatically from
configuration and update management. Data from past incidents can be collected
immediately, which considerably reduce the time for review and approval for a
specific change. The same data, when also available for problem management,
allow specialists to analyze trends and avoid future service disruptions. At the
same time, change management and incident management personnel can access
problematic data to improve quality and decision-making. Support staff can
quickly determine the levels of service applied and escalation settings for callers,
which improve customer satisfaction.
To understand the DevOps maturity of the core development and IT operations
processes, we propose a proven DevOps maturity model based on a return to the
experience of the adoption of DevOps model of agility in their business strategy to
accelerate innovation and meet market demands, as shown in Fig. 38. This model
looks at DevOps from three viewpoints, IT service, process, assets, IT automation,
and IT collaboration, and spans a series of clearly defined states on the path to ano-
ptimized DevOps ITSM environment. The DevOps maturity model described in
Fig. 39 below represents a roadmap to achieve organization’s maturity level regard-
ing ITSM standardization, IT automation tools, IT collaboration approaches, and
end-IT-user security management, along with insights into the opportunities for
continuous IT service operations and organizational change improvement.
5.4 Use Case

In this section, we will study a case of application of our model to a company,
and a case study was conducted as a pilot project to identify relevant ITSM prac-
tices in the organization. The capability maturity framework is implemented in
Level 5 :
Optimized
Level 4 :
Measured
• IT as a strategic
business partner
Level 3 :
• Effective
Managed
• Collaboration knowledge
based process sharing and
are measured to individual
empowerment
Level 2 : • Collaboration
identify
bottlenecks and
Defined • Shared decision- inefficiencies • Self-Servicing
making • IT as service • Self-remediation
Level 1 : • Analyze trends provider • Self-Learning
Initial • Fight fires • Set thresholds • Measured • IT and business
• Some shared • Central Services and metric linkage
automated Assets costs • IT Business
decision-
making process across • Guarantee SLAs/ improves
• Poor • Process are
ITSM lifecycle OLAs business process
• Ad hoc managed but
• Mature problem, • Measure and risk and cost
configuration, report service optimization
• Undocumented not change, assets availability • The impact of IT
• Unpredictable standardized management • Predictability and services and
• Uncontrolled • No central • Process are Visibility of entire assets security is
• No automation infrastructure standardized IT process and optimized
• Multiple help
• Desktop across the Performance
desks
software organization • The impact of IT
distribution services and
• Minimal IT
• Initiate problem assets security is
operations
management
• User/customer
• Alert and event
call notification
management
ITSM Agility Maturity Model based on

Devops
Fig. 38. Devops ITSM Maturity Model for Continues the Organization’s Measure
and Improvement.
the service center of a leading port sector organization in Morocco. The organi-
zation manages more than 30 ports and sites with more than 1,000 users. The
Information System department has 40 employees with different profiles. The
purpose is to study IT service practices and assess the organization’s ability to
transform traditional IT support into a global and agile IT service center through
the implementation of the proposed framework. Fig. 39 shows the ITSM frame-
work architecture proposed for an eventual implementation in the organization.
Data Collection: The questionnaire was carried out in several stages. A first
version has been developed to take into account the different theoretical assump-
tions. This first version has been tested with IT service managers and consultants.
This pre-test allowed rephrasing some questions to improve the comprehension
of the questionnaire and to improve the quality of the given answers. In the end,
the questionnaire consists of 100 questions divided into four topics: IT service
management maturity, IT asset management maturity, IT security management
maturity, and IT agility maturity level. Table 9 shows the organization ataff and
Turnover, and Table 10 describes participants’ semographics.
108
Fig. 39. The Proposed Agile ITSM Framework.

Table 9. Organization Staff and Turnover.
Year Frequency
Size of the Company 2019 More than 1,000
(# of Employees)
Position Senior Executives 366
Executives 95
Supervisory Officers 415
Qualified non-supervisory 146
Non-supervisory 79
Evolution of Turnover 2014 More than $1,4 million
and Revenue of the 2015 More than $1,5 million
Company for the last 5
2016 More than $1,7 million
years in $
2017 More than $1,8 million
2018 Less than $2 million
Table 10. Participants’ Demographics.
Participants Frequency Percent (%)

Male 68 68.42
Female 36 31.58
Top manager personnel 17 14.91
Senior Manager 23 20.18
IT Manager 7 6.14
Consultant/Engineer/ 13 11.40
Analyst
IT Technical Staff 19 16.67
Helpdesk Technician 7 6.14
Quality Assurance/Quality 15 13.16
Control
Other entities staff 13 14.91
Data Analysis: We used the questionnaire in Appendix 1 to drive data analysis.

The questionnaire includes the different objectives and controls of the proposed
ITSM framework. We attempted to validate each answer through the developed
maturity software that was used to automate the process and determine the matu-
rity score. The treatment consists of calculating a weighted average of the scores
obtained based on the selected responses and the coefficient of efficiency of each
function in the organization. Questions also changed from Yes/No to five options
Table 11. Continual Quality Improvement.
Discover Do Act Optimize

Vision and Assessment Organization Performance
strategy management
Auditing Strategic plan Processes Benchmarks
Key performance Roadmap Tools and Continuous
indicators technology improvement
related to maturity levels as shown in Fig. 40. The toolbox worksheet contains
contextual answers for each question in the assessment. The formulas in the tool-
box will average the answers to calculate the score for each practice. The score
is a numerical result (zero to five or expressed as a percentage) representing the
maturity level of the audited ITSM.
Case Description: To be able to meet the requirements of the proposed ITSM
Framework, all employees must feel concerned and involved. To this end, the
quality department has undertaken a series of strategic actions. These actions are
planned following an agile model based on DevOps. Inspired by Deeming wheel
and DevOps, the authors organize the reports into four phases DDAO: Discover
Do, Act, and Optimize, as shown in Table 11. Our goal is to develop a quality
approach to a continuous IT improvement. Starting with the auditing of all the
functional and practical aspects of the management of the organization’s services
and the desired need, including the implementation of a roadmap for the desired
organizations levels of maturity in terms of management of services, assets, and
IT security. The authors define an agile approach based on DevOps, to guarantee
a continuous improvement of the processes, services, security and organization,
and contribution to the business of the organization.
Discover: The following section presents the part of the empirical study that
identifies the current status of the organization ITSM. IT managers described
yhat different parts of ITIL are incorporated in the fields of IT Support, ser-
vice desk Service Level Agreements (SLAs), incident and problem management,
and deployment fields, asset business, activities, operational maintenance, etc.
Another aspect that could be measured is the service improvement by provid-
ing surveys based on a yearly basis (on process and maintenance object level) to
improve and monitor the overall performance of the systems.
ITSM audit score: The ITSM audit was piloted based on the maturity model
described in Appendix 2, in order to identify the current levels of maturity and
Fig. 40. Assessment Score.

Organizational Agility
Staff competency and skills
Up-to-Dateness of Technology Systems
Flexibility of Structure
Strategy and process
Compliance Management
Vulnerability and Risk Management
IT Asset Security
IT Service Security Management
Asset lifecycle
IT Financial Management
Asset Discovery and inventory
Configuration management database CMDB
Capacity Management
Availability Management
Service Level Management
Configuration Management
Release and Deployment Management
Change Management
Problem Management
Incident Management
Self-Service Desk
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5
Maturity Score Target Maturity Score
Fig. 41. ITSM Maturity Score.
to define the desired level to be attained by the organization. Fig. 41 below shows
the current ITSM maturity level. The maturity score 1 indicates the initial level
(ad hoc), and the score 5 indicates the high score of maturity level (optimized).
As shown in Fig. 42 above, the ITSM maturity level still at the initial and
reproducible levels 1 and 2. The objective is to set up service management and
achieve level 4.
The result of the organization’s ITSM audit is at the initial level. Asset man-
agement is done manually, which negatively influences costs and increases risk
and weakens the quality of service. The target objective is to define an improve-
ment strategy enabling the organization to automate and efficiently manage their
IT assets in order to position the organization in the managed level of maturity
(level 3).
The IT security maturity runs between the basic and intermediate level, which
proves that the organization is aware of IT security issues. The target objective is
to achieve an improved level of ITSM security and to be part of the overall gov-
ernance of the organization’s information security.
The current level of maturity of agility shows a huge lack of organizational
commitment. Managing the aspects of flexibility, technology, processes, and
people are characterized by a basic and fundamental level. The IT department
cannot cope with environmental and technological changes. Our objective is to
implement a continuous improvement strategy based on DevOps in order to
reach the level of control (level 3) in term of maturity and deliver a flexible and
agile ITSM.
Developing Improvement Action Plans: The output from the framework’s
assessment supports understanding the actions necessary to drive improvement
and enable the organization to move systematically from its current state to its
target maturity. This is achieved by implementing a series of industry-validated
practices that allow organizations to improve incrementally, and monitoring
and tracking progress over time using a number of industry-validated metrics.
Table A1 (Appendix 1) includes sample practices and metrics for the four objec-
tives highlighted for prioritized improvement. For each of these objective prac-
tices, the figure outlines the currently reported maturity and the practices required
to transition to the next maturity state. Note that additional practices are
available to support transitioning to the desired maturity state as described in
Table A2 (Appendix 2).
To reach the desired level of maturity. The organization implemented some
programs during each phase of the rollout. During this phase of the project, the
following initiatives were adopted for the first phase (months 0–12) as shown in
Table 12.
Table 12. Target Objectives of Phase 1 (Months 0–12) to Achieve the Target
Maturity Level.
ITSM Functions Target Goals (Months 0–12)

IT Service – Control the support center with fundamental processes
Management
– Improve service and support performance, and reduced
unforeseen costs and business risks
– Improve user satisfaction through the self-service portal
– Improve visibility of operations through reports and
dashboards: Quickly evaluate the performance against the
company’s goals, for continuous improvement
IT Asset – Reduce operational expenses and audit control
Management
– Create lifecycle processes around your IT asset
– Use discovery and inventory processes
IT Security – Establish and maintain the insurance and protection
Management program roadmap
– Ensure asset management system and process for hardware
and software
– Identify, inventory, and classify all assets required for data
management
– Ensure that standards are implemented on all machines, and
they are up-to-date with current definitions and appropriate
parameters
– Ensure documented control processes are used to ensure
data integrity and accurate reporting
ITSM Functions Target Goals (Months 0–12)

– Ensure that periodic system self-assessments, risk
assessments, and audits are conducted
– Ensure identification and monitoring of external and
internal compliance factors
IT Agility – Implement a self-portal service Desk to allow users to solve
Management incidents themselves
– Automates standard version and changes and provides
control and visibility
– Develop and implement end-to-end IT integrated processes,
avoiding process silos
– Define and develop organizational service-oriented
structures, roles, and responsibilities
– Improve traditional IT skills with customer-centric skills
– Evaluate the ITSM performance based on user or client
experience through the adoption of XLAs (X for Experience)
Act: This step will evaluate the decisions taken and the approach was taken.
The quality department and management will study the results and judge the rel-
evance of the decisions made. Moreover, this stage is required to reduce the gaps
and dysfunctions deployed during each review or audit. The planned manage-
ment review each year takes into account the steps taken during the year or the
last six months in trying to define opportunities for improvement. The authors
exploit DevOps approach to set up this step. DevOps brings fundamental changes
to how application and execution teams interact and execute processes. It requires
changes in technology, processes, and culture. The authors measure the organiza-
tion agility level by the proposed ITSM maturity framework for further measure-
ment and improvement of the organization.
The organization’s level of agility is initial; our objective is to orient the ACT
part toward an agile approach, in order to ensure a delicate change management
and consequently a continuous improvement by supporting people, process, and
technology drivers. To create an agile IT service center that delivers quicker reso-
lutions increases user satisfaction and evolves with rapidly changing technologies,
the authors suggest following these steps described in Fig. 42 below.
The obtained results can be improved agile by adopting our agile approach
based on DevOps. This approach will allow any organization to measure, control,
and manage IT services, asset and endpoint security costs and process.
Optimize: The most important thing that organizations adopt agile practices
is that there is no end to the journey and that they need to improve and remain
leaders continuously. Customers always expect more, and competitors will always
be there to deliver it if you don’t do it first. Remaining a leader requires adapting
Fig. 42. Continual IT Improvement.
to customer feedback and continually improving products and practices, and rec-
ognizing when it’s time to pivot. New metrics are defined to measure and manage
improvement, as well as value delivered.
Framework efficacy from organization benefices: The proposed framework is
currently being adopted by the IT department of the National Port Agency in
Morocco. We highlight some benefits after the implementation of the proposed
ITSM framework.
User and client expectations have changed, and the IT department has to
develop other ways of communicating with them. The goal is to provide IT ser-
vice management with a tool to anticipate their requests, optimize productivity,
reduce downtime, and have all the necessary ITSM processes, including inci-
dent management, problem management, changes, requests, self-service, as well
as SLA management, etc. The benefits of the adoption of the practical ITSM
framework are:
⦁⦁ 95% success rate on XLAs;

⦁⦁ involve the end user in the incident management process (self servicing);
⦁⦁ SSO password management policy (fewer passwords);
⦁⦁ increase the satisfaction rate of computer users by 75%–90% since 2016, ensur-
ing the quality of the services delivered through a survey quality system;
⦁⦁ make the profiles versatile (admin driver) internal or for client projects;
⦁⦁ continue to improve the management of releases (business case, decision,
planning, monitoring, deliverables, etc.);
⦁⦁ continue to improve the configuration management process in accordance with
operational practices (car inventory, life sheets, and ITSM tool);
⦁⦁ with the Quality Manager, continue to strengthen reporting;
⦁⦁ making the management system more efficient;
⦁⦁ replace the performance evaluation based on user experience XLA instead of
complex SLA documents;
⦁⦁ review the incident/problem relationship (status of the incident after opening
a problem);
⦁⦁ formalize any type of structure to manage all goods, regardless of the type of
goods, business applications, or equipment, etc.;
⦁⦁ provide decision-makers with detailed information on the allocation, cost, and
forecast of assets;
⦁⦁ reduce risk by avoiding penalties and expensive litigation due to regulatory or
contractual non-compliance, especially in software licensing;
⦁⦁ implement asset responsibility with management reporting to optimize the use
of assets and protect against the malicious use and/or theft;
⦁⦁ reduce costs by eliminating unnecessary acquisitions if the property already
exists;
⦁⦁ proactively manage the warranty and support and maintenance contracts for
optimal utility;
⦁⦁ negotiate better contracts by properly managing assets and suppliers;
⦁⦁ improve productivity by automating the movement of goods in the business
environment;
⦁⦁ ensure that assets and services meet the baseline configuration for vulnerability
patches, antivirus policies, and user security are well-addressed to meet compli-
ance standards such as PCI and ISO 2700x;
⦁⦁ facilitate data-based internal compliance and accountability audits to continu-
ously improve processes; and
⦁⦁ implement a continuous improvement strategy DDAO.
Summary
In the age of digitization, the world is evolving at a constant pace. Companies
need to respond to changing conditions and often agility is the only guarantee of
survival. Globalization means more competition. The product life cycle is shorter
than ever. Disruptive technology can change markets overnight.
A company faces significant challenges in maintaining security and compli-
ance while achieving its business objectives, ensuring compliance with applicable
regulations, and managing its people and technology. IT staff must be able to
respond quickly to changing business needs while maintaining the existing infra-
structure. The oft-cited management goal, “Doing more with less,” is not just a
goal; it is a corporate commitment. The management of the IT department is at

the heart of the company’s information system. ITSM must be able to respond
effectively to customer expectations and deal with unforeseen changes. Agility has
become an essential brick in the construction of an efficient and flexible service
management strategy.
This chapter aims to propose a global framework for agile IT service manage-
ment. This framework goes beyond the limits of existing methods/references and
meets the needs of international standards in terms of flexibility and agility to
improve ITSM processes.
Chapter 6
Cloud Computing as a Drive for Strategic

Agility in Organizations
Abstract
Since 2007, the cloud computing term had been introduced to the informa-
tion technology (IT) dictionary. The theme is attracting growing interest
from both the IT world and the business players, who need to enhance in-
formation systems agility, reduced costs, or even less dependence on internal
IT teams when they are judged too slow. However, the fact that cloud com-
puting, as presented by providers, increases the agility, is unclear. Business
Managers; IT professional, and academics are querying about relationship
between cloud computing and IT agility. This chapter aims to answer two
major concerns: Factors that influence cloud computing adoption in medium
and large organizations, and the cloud computing role to improve the agility
of information systems. This chapter argues that cloud computing impacts
Information System (IS) performance by organizational capabilities (agility).
One of the primary motivations of this chapter is the lack of fieldwork when
considering how cloud computing improves the information systems’ agility.
6.1 Introduction
Since 2007, the two leaders in cloud computing, IBM and Google, have invested
in the construction of large data centers that can be used by students over the
Internet to remotely program and research, known as cloud computing (Lohr,
2007). The cloud infrastructure was also recognized as a cost-effective model for
delivering information services, reducing information technology (IT) manage-
ment complexity, promoting innovation, and improving real-time responsiveness.
For many organizations (Buxmann, Diefenbach, & Hess, 2015) and countries
(Changchit & Chuchuen, 2018), cloud infrastructure has served as a platform for
developing innovation and a highly qualified human resource capacity. In 2011,
the US federal government estimated that 20 billion dollars of the IT investment

doi:10.1108/978-1-80043-810-120211007
budget, which is 80 billion dollars, would be a potential target for cloud computing
solutions migration (Metheny, 2013).
Cloud Computing has had a significant impact on IT during recent decades
as leading companies such as Google, Amazon, and Microsoft have focused on
providing more efficient, secure, and cost-effective cloud platforms for organiza-
tions that are trying to redefine their business models using the concept. Cloud
Computing is one of the major technologies that has revolutionized the world
of computing. The IT service delivery model provides significant benefits, which
enables today’s organizations to adapt their IT infrastructure proactively to
face a rapidly changing environment and business requirements. Importantly,
it significantly reduces the complexity of IT management, enabling more use of
IT. Cloud-based services also offer interesting reuse opportunities and design
challenges for application developers and platform providers. Cloud Computing
has, therefore, generated much enthusiasm among technologists and researchers
in general.
For many organizations, cloud computing can be a driving factor of change,
enabling them to make optimal use of information and communication technol-
ogies without investing massively at the outset and avoiding the risks of getting
stuck with obsolete technologies. With cloud computing, providers can provide
an information and communication technology infrastructure as a service to end
customers (Fernando, Loke, & Rahayu, 2013; Kim, Beloglazov, & Buyya, 2009).
By using cloud computing, organizations can reduce the cost of information and
communications technology acquisition and maintenance, attracting new custom-
ers, increasing revenue, preserving profitability, and improving agility (Goyal &
Dadizadeh, 2009; Marston, Li, Bandyopadhyay, Zhang, & Ghalsasi, 2011).
Companies that have made lower investments in information and communications
technology infrastructure are more apt to adopt and use cloud computing (Bhat,
2013). Large enterprises are increasingly adopting cloud computing (Alshamaila,
Papagiannidis, & Li, 2013; Gupta, Seetharaman, & Raj, 2013).
In 2017, the situation changed radically. Forty-eight companies of the fifteen
“Fortune Global 50” (Brinda & Heric, 2017), companies have publicly announced
their cloud adoption plans. Today, cloud computing is increasingly becoming
the leading technology to do business for the next generation. The agility of the
cloud enables enterprises to accelerate time to the marketplace by reaching vari-
ous parts of the development chain. Due to promises of IT efficiency and busi-
ness agility, they are integrating cloud computing into their IT strategies (Lynn
et al., 2018). Cloud computing is a combination of two fundamental IT tenden-
cies: IT efficiency, where IT performance is used more efficiently, and business
agility, where IT is a competitive tool through rapid deployment, batch parallel-
ism, and business intensive analytics (Avram, 2014).
Cloud computing infrastructures can improve the efficiency with which com-
panies can use their investments in information technologies through the unifica-
tion of separate systems and automation of the management of the group of
systems as a unified entity. Cloud infrastructure can be a cost-effective model for
delivering information services, reducing IT management complexity, promoting
innovation, and increasing responsiveness through real-time.
Cloud Computing as a Drive for Strategic Agility 119
Many customers are interested in cloud infrastructure as a platform for

innovation, particularly in countries that want to foster the development of a
highly skilled and high-tech workforce. Reduce operating costs: The resources
of a cloud environment can be rapidly assigned and unallocated according to
demands. Therefore, a service provider can achieve significant operating cost sav-
ings through resource liberation when service demand is low. Cloud Computing is
a combination of two trends in IT, IT efficiency and commercial agility, through
information technologies, which provide a competitive factor by rapid and paral-
lel deployment, batch processing, etc.
It is noted that the number of organizations adopting cloud computing continues
to increase (Gartner, 2017). The purpose of this chapter is to provide recommen-
dations for decision-makers in IT and to explain cloud computing technology in
agility terms. Cloud computing is a growing technology, and its strengths and weak-
nesses have not yet been adequately studied, documented and tested. This chapter
proposes recommendations on when and how cloud computing is a useful tool and
outlines the limitations of recent studies and the perspectives for future research.
6.2 Goals and Objectives of the Research Study

The agility that the cloud brings lies in the speed with which IT resources can be
provisioned (Sawas & Watfa, 2015). This accelerates innovation by enabling the
rapid deployment of new services with minimal constraints.
Indeed, the cloud is flexible and adaptable; its implementation and infrastruc-
ture require no investment, and it is accessible everywhere. It is a revolution that
allows companies to overcome the constraints of past deployment models. The
cloud provides all the tools that companies need to exploit ever-increasing vol-
umes of data or to create applications that allow employees and customers to
interact with this data. It allows organizations to address market issues flexibly
and experimentally.
This research focuses on factors related to the cloud computing adoption pro-
cess and in particular, the impact of agility on how to integrate cloud-computing
technology into information systems. It mainly aims to explore how agility is
charging influences decision-making, and how cloud computing will increase the
agility of information systems. The research question addressed is how adopting
cloud computing improve IS agility?
Previous research (Yang, Huff, & Tate, 2013) provides preliminary empirical
evidence that agility and one of the factors influencing decision-making concern
the adoption of cloud computing technology as well as its role in increasing the
agility of information systems. Our study builds on these studies by theorizing
and empirically validating the factors influencing the decision to adopt cloud-
computing technology.
The two research questions of interest to this study are:
⦁⦁ What factors drive cloud computing technology adoption and why?

⦁⦁ To what extent are cloud-computing adoption improve information systems
agility?
To address these questions, we draw the technology acceptance model and

prior diffusion of innovation (DOI) research to propose a cloud adoption model
and framework to improve IS agility through cloud technology.
The chapter proceeds as follows. The following section looks at the literature
on factors influencing cloud computing adoption deaths in order to construct a
theoretical model for cloud technology adoption. The second section describes
empirical studies that test the proposed model. The third section describes the
construction and validation of a framework to increase IS agility through cloud
computing. This framework is the subject of a qualitative study.
6.3 Literature Review

This literature reviews synthesized current cloud research from the perspective
of organizations. It integrates results using an established framework; our results
are structuring according to the following four aspects: cloud-computing prop-
erties, adoption characteristics, governance process, and impact on the informa-
tion system agility. This section highlights a shift in focus from technology issues
to a broader understanding of cloud computing as a new IT concept. There is
a growing recognition of its characteristics and fundamentals of the concept.
However, research on the factors that drive or limit cloud adoption of services,
as well as empirical research on agility through the cloud, is rare. It can be due
to that cloud computing is a recent and relatively new research topic (Adamson,
Wang, Holm, & Moore, 2017). Research on the different phases of service cloud
deployment is also at a developmental stage.
Although this concept is not entirely new, there is no universal or standard
definition of cloud computing (Foster, Zhao, Raicu, & Lu, 2008; Gong, Liu,
Zhang, Chen, & Gong, 2010; Sultan, 2010). It has evolved with recent advances
in virtualization technology, cloud computing, and Internet-based service deliv-
ery. The “cloud” metaphor refers to the ubiquitous availability and accessibil-
ity of computer resources through Internet technologies (Sultan, 2010; Vouk,
2008). With cloud solutions, enterprises and consumers can easily access large
amounts of computing performance at negligible cost (Wu, Lan, & Lee, 2011).
Transferring IT capabilities such as storage, applications, and services toward
the cloud offer companies the ability to potentially reduce the cost of overall IT
(Goscinski & Brock, 2010; Martens & Teuteberg, 2012; Stanoevska, Wozniak, &
Ristol, 2009). Cloud computing thus offers financial advantages that organiza-
tions could certainly not ignore.
Typically, there are three types of cloud computing services (Chang, De Roure,
Wills, & Walters, 2011). In Infrastructure as a Service (IaaS), the computing and
storage power base units are cloud-based and available on demand (e.g., Amazon
Elastic Compute Cloud (EC2), Rackspace, Amazon Simple Storage Service (S3),
and GoGrid). Among the advantages of this model are pay-for-use and resource
elasticity to satisfy computation needs (Thomas, Redmond, & Weistroffer, 2009).
In the case of Platform as a Service (PaaS), the service provider offers a stack of
integrated solutions to create and deploy applications from the cloud (e.g., Sales-
force, Google AppEngine, and Microsoft Azure). This model has the advantage
of being able to provide all the elements of software development (design, testing,
version control, maintenance, and hosting) via the Internet (Stanoevska et al.,
2009). SaaS (“Software as a Service”) is necessarily the ability to access cloud-
based applications using a thin client (such on a web browser or mobile applica-
tion) instead installing software to their computer (e.g., Joyent and SalesForce
CRM). Among its advantages are centralized configuration and hosting, updates
to current software versions without the need for reinstallation, and accelerated
feature delivery (Dillon, Wu, & Chang, 2010).
Cloud computing represents the intersection of IT effectiveness and business
agility (Kim, 2009). IT performance results from the use of scalable hardware
and software resources (Marston, Bandyopadhyay, & Ghalsasi, 2011), improved
work efficiency and coordination between firms (Abdollahzadehgan, Che Hus-
sin, Gohary, & Amini, 2013), and highly available services (Armbrust et al.,
2010). The business agility of cloud computing is the ability to rapidly deploy
computing tools, reduce initial capital expenditures (Hoberg, Wollersheim, &
Krcmar, 2012; Lin & Chen, 2012), and respond quickly to changing market
needs (Armbrust et al., 2010; Hoberg et al., 2012). Cloud Computing removes
traditional boundaries between enterprises. This ability to seamlessly, deliver IT
functions as cloud-based solutions has proven to be viable and cost-effective,
as demonstrated by its growing adoption. Li, Zhang, O’Brien, Cai, and Flint
(2013) aimed at evaluating and comparing commercial cloud services, compiled
a de facto metrics catalogue using a systematic literature review of current cloud
services assessment work. Yang et al. (2013) looked at conceptualizing IS agility
based on previous research to assess the contribution of different cloud comput-
ing services to IS agility.
From the reduced complexity and unlimited scalability to the on-demand capac-
ity and cost savings of CapEx, Cloud Computing delivers all the promise. While
there are still many unanswered questions about cloud computing, many compa-
nies are optimistic about their ability to deliver on these promises. Regardless of
how well cloud-computing delivers on its promise, one thing is sure: organizations
are not willing to sacrifice security, visibility, and control to move to the cloud. They
need to know what is happening in the cloud, how their applications are delivered,
and how traffic is controlled and directed. A must-have in cloud computing is agil-
ity: the capacity that enables enterprises to respond rapidly and accurately to unex-
pected and changing business demands. Agile enterprises, those that can provide
on-demand IT services under all workload conditions, can seize new opportunities
and remain competitive. This fact prompted us to continue this research in order to
verify whether cloud computing can improve IT agility. Table 13 summarizes our
literature review, highlighting the different methodologies and contributions.
6.4 The Theoretical Foundation

Tornatzky, Fleischer, and Chakrabarti (1990) outline the Technology Organi-
zation Environment (TOE) framework in order to understand the innovation
process in an enterprise context. It addresses three factors that influence the
adoption of an innovation: technology, organization, and the environment.
Table 13. Cloud Computing Studies.
122
Author IT Adoption Constructs/Factors Methods Data and Context

(Dependent (Independentvariables)
Variable) Variables)
Abdollahzadehgan Cloud Technology (relative advantage, Conceptual Conceptual Model
et al. (2013) computing complexity, compatibility), Organization (top
management support, firm size, technology
readiness), and Environment (competitive
pressure, trading partner pressure)
Low, Wu, and Cloud Technology (relative advantage, complexity, Factor analysis (FA), An e-mail survey of 111
Chen (2011) computing compatibility) logistic regression firms belonging to the
high tech
Wu et al. (2013) Cloud Business process complexity, Confirmatory factor An e-mail survey
computing entrepreneurial culture, compatibility, analysis, multiple of N = 289 firms in
application functionality regression analysis Manufacturing and retail

Nkhoma and Intention to Adopter’s style as moderator of Partial least squares Using secondary data
Dang (2013) adopt cloud perceived technology barriers, perceived (PLS)
computing environmental barriers, perceived benefits
Lin and Cloud Relative advantage, compatibility, Semi-structured 19 IT professionals,
Chen (2012) computing complexity, Trial-ability, observability Qualitative interview Taiwan
Trigueros-Preciado Cloud adoption Barriers and benefits Qualitative and Survey N = 94 SMEs in
et al. (2013) quantitative Spain
methodology
Hsu, Ray, and Cloud adoption Perceived benefits, business concerns, and Quantitative Survey of 200 Taiwanese
Li-Hsieh (2014) IT capability aresignificant determinants of methodology, PLS firms.
cloud computing adoption,while external
pressure is not.
Lian, Yen, and Sata security, perceived technical ANOVA Survey of 106 CIOs of
Wang (2014) competence, cost, top manager support, hospitals.
and complexity.
Hemlata, Hema, Cloud Relative advantage, compatibility, Exploratory, A questionnaire was
and Ramaswamy adoption complexity, organizational readiness, top confirmatory used to collect the data
(2015) management commitment, and training factor analysis, and from 280 companies in
and education. structuralequation IT, manufacturing and
modeling finance sectors in India
Kshetri (2013) Cloud Regulative, normative, cognitive Conceptual Survey of Cloud Vendors
adoption in China N = 7
Sharma, Gupta, Cloud IT service cost, time to market and qualitative and Experts from 13
and Acharya adoption organization size quantitative organizations (including
(2017) 8 cloud service providers
(CSPs) and 5 cloud
service users (CSUs))
Senarathna, Cloud Relative advantage, quality of service and Quantitative Survey of 149 Australian
Wilkin, Warren, adoption awareness, ecurity, privacy and flexibility) methodology SMEs
Yeoh, and Salzman
(2018)
Butt et al. (2019) Agile cloud Cost effectiveness, security and privacy Excel Sheet, The total of seven IT
adoption Questionnaires industries and many
professionals from
software industries-related
to cloud-agile adoption
Cloud Computing as a Drive for Strategic Agility
Skafi, Yunis, and Cloud adoption Complexity, security, top management Confirmatory factor Data collected from 139
Zekri (2020) support and prior IT experienc analysis and logistic respondents working in
123
regression SMEs in Lebanon

Technology context means the internal and external technologies pertinent to the
organization and those that could be adopted. Organizational context relates to
company descriptive characteristics (i.e., size, organizational structure, and level
of centralization), resources (human and insufficient resources), and communica-
tion process (formal and informal) among employees. Concerning the environ-
ment, this context includes environmental market elements, competitors, and the
regulatory framework (Oliveira & Martins, 2010, 2011; Tornatzky et al., 1990;
Zhu & Kraemer, 2005).
Several research studies have examined technical and operational issues related
to cloud computing, involving topics such as selecting cloud computing services in
terms of cost and risk (Martens & Teuteberg, 2012), secure storage audit protocol,
and computing in the cloud. Cost of cloud computing ownership models (Mazhelis
& Tyrväinen, 2012; Tan & Ai, 2011; Walterbusch, Martens, & Teuteberg, 2013), and
security issues, privacy risks, and information loss (Chong, Ooi, Lin, & Raman, 2009;
Wang, 2010). Our search of scholarly databases found only a few published journal
articles addressing cloud computing adoption from an organizational perspective, as
shown in Table 13. Abdollahzadehgan et al. (2013) used the DOI and TOE frame-
work to study the adoption of cloud computing in Taiwan’s high-tech industry. Their
research model was not expansive, because it did not address critical factors such
as cost savings and security concerns that are critical to the enterprise’s adoption
of cloud computing. They also assessed cloud adoption as a dynamic dependent
variable rather than a continuous process. Lin and Chen (2012) interviewed 19 IT
professionals in Taiwan using a semi-structured interview format. According to their
qualitative assessment, IT organizations are hesitant to adopt cloud computing until
the uncertainties associated with cloud computing (e.g., security and standardiza-
tion) are further resolved, and useful business models emerge. Trigueros-Preciado,
Pérez-González, and Solana-González (2013) use a qualitative and quantitative anal-
ysis methodology to identify barriers to cloud adoption. They surveyed 94 Spanish
Small Medium Enterprises and concluded that knowledge of cloud computing was
low among companies and that companies knew nothing about cloud computing.
Our search of scholarly databases found only a few published journal arti-
cles that assess cloud-computing adoption from an organizational perspective as
shown in Table 13. Abdollahzadehgan et al. (2013) used the DOI and TOE frame-
work to study the adoption of cloud computing in Taiwan’s high-tech industry.
Their research model was not expansive, because it did not address critical factors
such as cost savings and security concerns that are critical to the enterprise’s adop-
tion of cloud computing. They also assessed cloud adoption as a dynamic depend-
ent variable rather than a continuous process. Lin and Chen (2012) interviewed 19
IT professionals in Taiwan using a semi-structured interview format. According
to their qualitative assessment, IT organizations are hesitant to adopt cloud com-
puting until the uncertainties associated with cloud computing (e.g., security and
standardization) are further resolved, and useful business models emerge.
Trigueros-Preciado et al. (2013) used a qualitative and quantitative analysis
methodology to identify barriers to cloud adoption. They surveyed 94 Span-
ish SMEs and concluded that knowledge of cloud computing was low among
companies and that companies knew nothing about cloud computing adoption.
Nkhoma, and Dang (2013) used secondary data from the survey of a large ser-
vices company to study the drivers and barriers to cloud computing adoption.
Wu, Cegielski, Hazen, and Hall (2013) investigated whether the information pro-
cessing requirements and capacity affect the firm’s intention to adopt cloud com-
puting; they used the DOI theory and information processing view to conduct
their study in the supply chain domain.
Abdollahzadehgan et al. (2013) proposed using the TOE framework to evalu-
ate the barriers to cloud computing adoption in SMEs; their study did not include
hypobook testing or empirical validation. Kshetri (2013) used the institutional
theory to investigate the perception and security issues based on the context pro-
vided by formal and informal institutions; no empirical assessment was provided.
The review of published journal articles indicates that most studies empirically
evaluate the direct effects of innovation, contextual factors or conduct analysis
using qualitative methods or secondary data on the adoption of cloud comput-
ing. No study has taken a holistic approach to empirically validate the direct and
indirect effects of the innovation characteristics and the underlying technology,
organization, and environmental contexts. Yang and Tate (2012) voice similar
concerns by classifying the published journal articles on cloud computing into
four research themes: technological, business issues, domains, and applications,
and conceptualization.
Based on a descriptive literature review of 205 refereed journal articles, their
study indicates that research on cloud computing is skewed mostly toward tech-
nological issues. They highlight the paucity of cumulative research to address
the social, organizational, and environmental perspectives of cloud computing.
In this study, we address this crucial research gap by developing an integrative
research model that combines the theoretical perspectives of the DOI and the
technology, organization, and environmental contexts.
6.4.1 Combining DOI and TOE

To determine the concepts of the integrative search model, an extensive search
was conducted using the DOI and TOE framework, including EBSCO Academic
Search, all ProQuest databases (e.g., ABI/INFORM Global), PsycNet databases,
Springer, Science Direct, and Google scholar. Subsequently, the well-cited stud-
ies have been consolidated to identify the most representative factors evaluated
in the published literature on adoption studies. Finally, we also examined each
construction to identify its applicability in adopting cloud computing. The fac-
tors identified by this systematic approach and the dependent variable measured
by them are summarized in Table 14.
Many research calls for an approach that combines more than one theoreti-
cal perspective to understand the adoption of new innovative technologies by
information systems (Fichman, 2004; Oliveira, T., & Martins, 2011; Wu et al.,
2013). As such, to better comprehend the organizational decisions that relate to
the adoption of technological innovation, the study context must be global and
the variables adapted to the specificity of the innovation (Adams et al., 2009).
DOI, moreover, TOE methods are widely used in many IT adoption studies and
Table 14. Summary of the Factors Studied Influencing Cloud Adoption.
126
Sources Model/ Factors

Theory
Agility
Security, Privacy
and Trust
Cost-Saving
Top Management
Support
Competitive pres-
sure
Firm Size
Technological
Readiness
Relative advantage
Competence and
Awareness
Compatibility
Complexity
Data Sovereignty
Zhu, Kraemer, and Xu (2006) TOE * * * *

Zhu, Dong et al. (2006) TOE & Others * * * * * *
Zhu and Kraemer (2005) TOE * * *
H.-F. Lin and Lin (2008) TOE * *
Kuan and Chau (2001) TOE * * * * * *

Ringle, Sinkovics, and Henseler (2009) TOE * * * * *
Chong et al. (2009) DOI * *
Alam (2009) DOI & TOE * * * *
Adams et al. (2009) DOI & TOE * * *
Azadegan and Teich (2010) DOI & TOE * * *
Tsai, Lee, and Wu (2010) DOI * * *
Ghobakhloo, Arias-Aranda, and Benitez- TOE * * * *
Amado (2011)
Abdollahzadehgan et al. (2013) TOE * * * *
Low et al. (2011) DOI & TOE * * * * * *
Rimienė (2011) - *
Siegel and Perdue (2012) - * * *
Klein (2012) TOE * * *
Lin and Chen (2012) DOI * * *
Alshamaila, Papagiannidis, and – * * * *
Li (2013)
Wu et al. (2013) DOI & Others * *
Yang et al. (2013) – * * *
Oliveira, Thomas, and Espadanal (2014) DOI & TOE * * * * * *
Amini and Bakri (2015) DOI & TOE * * * * * * *
Cho and Chan (2015) * *
Abolfazli et al. (2015) – * * * *
Senarathna (2016) DOI & TOE * *
Prerna and Shah (2016) * *
Chemjor and Lagat (2017) TOE * * * *
Sandu and Gide (2018) TOE * * * *
Amron, Ibrahim, Abu Bakar, and DOI & TOE * * * * * * * * * *
Chuprat (2019)
127
had received ongoing empirical support. Also, The value of context integration
(TOE) to reinforce DOI theory is recognized (H.-F. Lin & Lin, 2008; Oliveira &
Martins, 2011; Wu et al., 2013). Implicitly, the technological context is the same
idea as Rogers (2003). The DOI has the same internal and external organizational
characteristics as the TDE organizational context (Hsu, Kraemer, & Dunkle,
2006). There are also significant differences between the two theories. The TOE
does not specify the role of individual characteristics (e.g., senior management
support). At this point, DOI suggests that executive support is included in the
context of the organization. Likewise, the DOI ignores the impact of the environ-
mental context. As a result of the limitations of DOI, TOE provides more insight
into IT adoption by including technology, organizational and environmental con-
texts (Zhu, Dong, Xu, & Kraemer, 2006). Consequently, the two theories signifi-
cantly complement each other (Oliveira & Martins, 2011).
Of the five DOI attributes, there are three innovation characteristics applicable
to cloud adoption: relative advantage, complexity, and compatibility. Experimen-
tation and observational capacity are not widely used in IT innovation studies
(Chong et al., 2009). Thus, by following general information and systems research
guidelines, we ignore these two attributes because they are not relevant to cloud
computing technology. Rogers (2003) states that “the nature of the innovation
determines the type of relative benefit that is important to the adopter” and that
the relative benefit of the innovation can be “expressed in terms of economic
profitability, social prestige or by other means.” In our study, we postulate that
cloud computing can lead to an economic advantage in terms of cost reduction
(Ifinedo, 2011a) that it is capable of improving IS agility (Yang et al., 2013).
Similarly, security concerns can reduce the relative benefits of cloud comput-
ing. We, therefore, include two additional attributes, namely cost savings, and
security as antecedents to the relative advantage of cloud computing. They deter-
mine whether cloud computing can be relatively beneficial in achieving cost sav-
ings, improving IT agility to meet change, seize new opportunities, and remain
competitive. Table 14 below studied the fatcors influencing cloud adoption.
6.5 Research Model and Hypotheses

From the DOI and TOE models, we invistigate the organizations decision making
regarding the adoption of cloud computingthe. Factors specific to the organiza-
tional context are top management support and firm size. The extent to which the
environmental context may influence the firm’s decision to adopt cloud comput-
ing is identified by two variables, competitive pressure, and regulatory support.
The integrative research model is illustrated in Fig. 43. By associating the innova-
tion characteristics of cloud computing with the technological, organizational,
and environmental contexts of the TOE framework, we are acting on researchers’
call to build a more holistic model to understand the diffusion of IT innovation
(Kalle & Rose, 2003; Oliveira & Martins, 2011; Wu et al., 2013). Linking this the-
oretical positioning to our literature review described in Table 13, we identify the
key characteristics of cloud adoption in terms of technological, organizational,
environmental and innovation factors.
TECHNOLOGICAL
READINESS
INNOVATION
Technological CHARACTERISTICS
readiness
Agility
H5
ORGANIZATIONAL
CONTEXT
Top Management H1
Support
Compatibility
H6 H4
Firm Size CLOUD

H7
COMPUTING H2 H2a Security
ADOPTION Issues
Competence and
DECISION Relative
Awareness H8 Advantage
H3
H2b
ENVIRONMENTAL Cost-Saving
CONTEXT H9
Complexity
Competitive
Pressure H10
Data Sovereignty
Fig. 43. The Proposed Model for Cloud Adoption in Organizations.
6.5.1 The Innovation Characteristics

⦁⦁ Agility
The most important advantage of Cloud computing is that it adds to the agil-
ity of an organization. With the use of cloud computing, enterprise systems are
being transformed, allowing organizations greater flexibility in the use of services,
greater flexibility, and higher productivity (Kunio, 2010). According to Sitaram
and Manjunath (2012), agility and innovation are considered the main growth
drivers offered by cloud computing. Companies willing to reconfigure around
cloud computing would be more adaptable to changing external markets and bet-
ter positioned to exploit new opportunities by leveraging the scalability and agil-
ity of cloud computing (Altaf & Schuff, 2010; Weinhardt et al., 2009).
Thus, H1. Agility can positively influence the relative benefits of cloud
computing.
⦁⦁ Relative Advantage
Relative advantage is defined as the measure to which an innovation is considered

more beneficial than the idea replaced (Rogers, 2003). Innovations with a clear and
unequivocal advantage in strategic effectiveness (e.g., improved revenues) and oper-
ational efficiency (e.g., cost savings) have a stronger incentive to adopt (Greenhalgh,
Robert, Macfarlane, Bate, & Kyriakidou, 2004). In the case where the advantages
of technology (in this case cloud computing) outweigh existing processes and prac-
tices (Ifinedo, 2011b), the benefits will impact positively on its adoption.
Therefore, H2. The relative advantage will have a positive influence on cloud
computing adoption.
⦁⦁ Security, privacy, and trust
The term security breach refers to an incident in which a company or govern-

ment organization loses sensitive information, personal data, or other confiden-
tial information (Bishop, 2002). Cloud computing is a convergence of storage and
computing in a multi-user shared environment. Which increases security risks
(Schneiderman, 2011; Shen & Tong, 2010), because organizations are not aware
of and uncertain about potential security risks (Benlian & Hess, 2011). Also, the
lack of mature security protocols and identity management standards means that
organizations will be reluctant to adopt a cloud computing solution. Migration
to the cloud adds new layers of complexity to data security, which significantly
influences the company’s decision to adopt an innovation.
Hence; H2a. The security and privacy issues will have a negative impact in
terms of cloud computing’s relative advantage.
⦁⦁ Cost-Savings
Cloud computing technology offers opportunities for innovation, reduces IT

spending, and reduces the total cost of computing (Cervone, 2010). By allowing
companies to focus on their core business rather than being stifled by techno-
logical change, cloud computing fosters innovation. By choosing cloud com-
puting, an enterprise can reduce the time spent on system maintenance and the
time required for routine upgrades. Cloud computing also reduces infrastructure
costs, reduces energy consumption, and reduces maintenance costs (Mazhelis &
Tyrväinen, 2012). Thanks to vendor specialization, cloud computing service pro-
viders can offer IT functions at lower cost and deliver economies of scale to the
end user (Benlian & Hess, 2011). As a catalyst for the rapid adoption of changing
technologies, the cloud offers cost-effective ways to transform businesses by rein-
venting an organization’s way goods, and services are sold and used.
Hence H2b. Cost-savings would positively influence the relative benefits of

cloud computing.
⦁⦁ Complexity
Complexity is a stage where innovation is considered relatively difficult to under-

stand and implement. The easier the technology is to integrate into business oper-
ations, the higher the likelihood of its adoption. Cloud environments provide the
ability to instantly pool resources to meet workloads. However, moving to a cloud
solution can be a challenge for organizations that lack technical expertise and IT
specialists. For example, integrating existing applications with a specialized cloud
infrastructure (e.g., Oracle’s Elastic Cloud or HP’s Cloud System) may require
a level of expertise which is not available easily within the enterprise. Also, the
use of cloud-based solutions presents challenges when defined limits for securing
business processes and data privacy in a multi-tenant, shared environment are not
sufficiently refined (Crook & Kumar, 1998).
Hence, H3. Complexity will have a negative influence on cloud adoption.
⦁⦁ Compatibility
Compatibility is the degree to which the innovation corresponds to the existing

values, past practices, and current needs of the potential adopter ers. Compat-
ibility is an important determinant of innovation adoption (Azadegan & Teich,
2010; Chong & Bauer, 2000; Dedrick & West, 2004; Sila, 2010). For example, if
the purpose of cloud adoption is to take advantage of the scalability benefits
of low-security applications, transferring capacity to cloud infrastructure makes
economic sense. For example, business capacity and operability are factors that
will determine whether an organization should adopt cloud computing.
So, H4. Compatibility can positively affect the cloud adoption.
6.5.2 Technological Readiness

The technology context refers to the technological characteristics available in
the organization for the adoption of technology. It includes both the structural
aspects and specific human resources. The structural aspects refer to the plat-
form or the technological infrastructure (e.g., installed network technologies and
enterprise systems) within the firm that the cloud-computing services can com-
plement or replace (e.g., implementing a collaborative document sharing solution
using cloud-based storage). The specific human resources are the people within
the organization who have the knowledge and skill to implement the cloud-com-
puting services (e.g., employees with computer skills, IT specialists) (Lim, 2009).
Together they enhance the technological readiness of an organization. Therefore,
firms with a higher degree of technological readiness are better positioned for the
adoption of cloud computing.
Hence, H5. Technological readiness will positively influence cloud-computing

adoption.
6.5.3 The Organization Context

⦁⦁ Top management support
Organizational context refers to the availability of resources that support the

adoption of an innovation (Lippert & Govindrajulu, 2006); that is, organi-
zational characteristics which facilitate or limit a firm’s adoption and imple-
mentation of the innovation. Many factors affect the relationship with the
organizational structure and innovation adoption, such as the level of centrali-
zation, distribution of power and control, information linkages, availability of
insufficient resources, lateral communication, firm size, and senior management
support (Tornatzky et al., 1990; Xu & Quaddus, 2012). Among these, senior
management support and enterprise size are the most critical factors in assess-
ing cloud adoption (Lippert & Govindrajulu, 2006). Senior management sup-
port plays an essential role in the adoption of IT in the cloud by supporting the
decision to allocate the necessary resources, integrate services, and re-engineer
processes (Abdollahzadehgan et al., 2013). When senior management fails to
recognize the benefits of cloud computing to the business, one must wait for the
opposition to adoption.
So, H6. Top management support will have a positive influence on cloud
adoption.
⦁⦁ Firm size
Another organizational factor can influence cloud adoption. Indeed, large

firms have an advantage over small firms, because they have more resources
and can take more risks associated with adopting the innovation (Thiesse,
Staake, Schmitt, & Fleisch, 2011; Zhu, Kraemer, et al., 2006). Research has
shown that small firms while more versatile, do not readily adopt new technol-
ogies (Lippert & Govindrajulu, 2006). As a result, enterprise size is a deter-
mining factor in the adoption of cloud computing (Abdollahzadehgan et al.,
2013).
Hence H7. Firm size will have a positive influence on cloud adoption.
⦁⦁ Competence and Awareness
One of the main challenges of the adoption of cloud computing is the lack of
competent cloud profiles. These issues are crucial today for companies that want
to stand out from the crowd in order to recruit and retain the best candidates
and meet the expectations of new generations. The university’s role is crucial to
continue the evolution and help companies in educating and training on cloud
computing concepts and application (Abolfazli et al., 2015).
Hence H8. Firm size will have a positive influence on cloud adoption.
6.5.4 The Environmental Context

⦁⦁ The competitive pressure
The environmental context is the framework in which a company operates and

depends on the nature of the industry, its competitors, and its ability to access
resources provided by others and government relations (Lippert & Govindrajulu,
2006). Among these, the drivers that have an impact on cloud adoption are business
competition and the regulatory environment (Zhu, Kraemer, & Xu, 2003). In the
literature on the DOI, competitive pressure has long been seen as an essential driver
for technology diffusion. It refers to the pressure exerted by competitors in the
industry (Abdollahzadehgan et al., 2013; Zhu et al., 2003). Adopting new technolo-
gies is often a strategic necessity to compete in the marketplace. Cloud Comput-
ing enables enterprises to benefit from greater operational efficiency, better market
visibility, and more accurate access to real-time data (Misra & Mondal, 2011).
That is why H9. The competitive pressure will influence the adoption of cloud
computing positively.
⦁⦁ Data Sovereignty
Data sovereignty is the respect of rights associated with data based on the loca-
tion of the entity that has control over it. Governments generally apply data
sovereignty to limit the cross-border storage of (sensitive) data, limiting organi-
zations to operating local data centers only when external services may be more
efficient and affordable (Abolfazli et al., 2015).
Guaranteeing the ownership, security, and sovereignty of data has become a
vital issue for companies, especially governments, which have decided to demate-
rialize their information systems in the cloud (Zhu, Kraemer et al., 2006). Several
organizations are still asking questions about the storage and sovereignty of data
in the cloud. Answering these questions and clarifying misunderstandings around
data sovereignty promote better cloud adoption.
H10. Data Sovereignty have an impact on the cloud adoption.
6.6 Research Methods

Two types of research methods can be used in this exploratory study: qualita-
tive and quantitative. A qualitative method allows participants to answer specific
questions from their perspectives. Qualitative data are generally collected using
open-ended questions. In this method, researchers can obtain more information
on the current situation, human attitudes, opinions and decisions (Tashakkori &
Creswell, 2007). This approach can provide more in-depth information on the
subject of the study (Anderson, 2010).
The second type of research method is a quantitative method. In this
approach, data are collected through closed-ended questions and participants are
not allowed to explain their responses (Tashakkori & Creswell, 2007). There are
various ways to collect quantitative data, such as questionnaires and scientific
experiments. Using this approach, researchers can measure participants’ opin-
ions, and decisions and different strategies can be used to analyze numerical data
(Venkatesh & Brown, 2013).
Mixed methods are a combination of quantitative and qualitative meth-
ods. By combining the two methods, researchers can gain more knowledge and
more accurate results and provide a clearer picture of the problem (Venkatesh &
Brown, 2013; Zhu, 2004). According to Mack, Woodsong, MacQueen, Guest,
and Namey (2005), some researchers have used qualitative methods to gain an
overview of the problem and an in-depth understanding of the results obtained
using quantitative methods. In this study, different techniques can be used to col-
lect qualitative and quantitative data.
Our research focuses on various aspects that influence the adoption of cloud
computing in information systems and their impact on IT agility. We have there-
fore chosen a research methodology that integrates several methods, as shown in
Fig. 44. A combination of research methods, especially in both cases, qualitative
and quantitative paradigms have been proven in the IS discipline to be active
LITERATURE
REVIEW
PROPOSED
MODEL
QUANTITATIVE Data
SUDY Analysis
Data
Analysis FINDING
Exploratory Study
Interview:
Semi-Structured
Data
Analysis
FINDING
Evaluation Study
Fig. 44. Research Design.

and contribute to a broad and deep understanding (cf. Galliers, 1991; Kaplan &
Duchon, 1988; Landry & Banville, 1992; Mingers, 2001). The qualitative study
was used to obtain additional information on the results of a quantitative study
(Venkatesh & Brown, 2013).
6.7 Quantitative Methodology

6.7.1 Measurement Model
A survey was conducted in the MENA region, with 200 medium and large organ-
izations in covering manufacturing and service industries, to assess theoretical
constructions. These organizations are from both the public and private sectors.
To be consistent with sources, constructions (agility, safety issues, cost savings,
relative advantage, complexity, compatibility, technology readiness, senior man-
agement support, competitive pressure, and regulatory support) were measured
using a five-point Likert scale on a Likert scale at intervals ranging from “strongly
disagree” to “strongly agree.”
The questionnaire was carried out in several stages. A first version has been
developed to take into account the different theoretical assumptions. This first
version has been tested with IT managers and consultants. This pre-test allowed
rephrasing specific questions to improve the comprehension of the questionnaire
and to improve the quality of the given answers. The questionnaire was written
in the three most widely spoken languages in the organizations, namely English,
French, and Arabic.
6.7.2 Data Collect

As mentioned earlier, the focus of the field survey was arge organizations in the
MENA region. An online version of the questionnaire was sent by e-mail to
decision-makers and qualifiied individuals having an important position in the
organization. Data were collected using an online questionnaire administered
in two stages from mid-2017 to early 2018. These data have been updated with
responses collected during the last quarter of 2019.
The study used the “key informant” approach to data collection (Benlian &
Hess, 2011) to identify the respondents in the organization who are most involved
and knowledgeable about cloud computing. To target key informant respondents,
we provided a clear description of cloud computing and examples. In order to
increase the validity of the content, we indicated that the organization’s most
familiar member should complete the survey. The final version of the question-
naire was written in English, comprised of 34 questions, in which several elements
measured each factor. The participants’ demographics are shown in Table 15.
6.7.3 Results
The purpose of this study (Table 17) is to assess the determinants of cloud adop-
tion using a methodology that combines the innovative characteristics of cloud
Table 15. Participants’ Demographics.
Variable Frequency Percentage (%)

Organization size 100–500 employees 30 15
500–1000 employees 50 25
1000–2000 employees 80 40
More than 2000 40 20
employees
Industry Manufacturing 31 15.5
Petrochemical 10 5
Chemicals 22 11
Engineering 33 16.5
Energy 15 7.5
Financial services 34 17
IT 50 25
Retail 2 1
Other 3 1.5
Market scope International 112 56
Local 25 12.5
National 63 31.5
Adoption stage Yes 128 64
No 72 36
computing with the organization’s technological, organizational, and environ-

mental perspectives. We found that ten factors influence cloud adoption: agility,
complexity, Competitive pressure, technological readiness, top management sup-
port, regulatory, competence and awareness, compatibility, firm size, and data
sovereignty. An integrative approach combines innovation in cloud computing
characteristics with organizational, technological, organizational, and environ-
mental perspectives. The results indicate that five factors represent a major influ-
ence on the adoption of the cloud: Agility, cost-saving, security, privacy and trust,
technological readiness, and data sovereignty, as shown in Table 16.
6.7.4 Finding
⦁⦁ Innovation characteristics
Of the four innovation characteristics, Agility (H1) is positively influencing cloud-

computing adoption. This finding is consistent with similar studies reported in the
literature (Hsu et al., 2006; Tan & Ai, 2011; Y.-M. Wang, Wang, & Yang, 2010).
Table 16. Quantitative Factors that Influence the Adoption of Cloud Computing.
Constructs Items Adapted Source

Agility A1 – Cloud computing allows you to manage your business activities efficiently Yang et al. (2013)
A2 – Cloud computing services improve the quality of operations
A3 – Using cloud computing helps you get the job done faster at specific
A4 – The use of cloud computing offers new opportunities
Security, privacy, S1 – Degree of company’s concern with data security on the cloud computing Zhu, Dong et al. (2006), Luo,
and trust S2 – Degree of concern for customers with data security in cloud computing Gurung, and Shim (2010), and
concerns Wu (2011)
S3 – Degree of concern about privacy in cloud computing
Cost savings CS1 – Enterprise-level concerns about data security in cloud computing Thiesse et al. (2011)
CS2 – Level of customer concern about data security in cloud computing Sangle (2011)
CS3 – Level of concern about privacy in cloud computing
Complexity CP1 – Using cloud computing requires lots of mental effort Ifinedo (2011a)
CP2 – Using cloud computing is frustrating Thiesse et al. (2011)
CP3 – Using cloud computing is too complicated for business operations
CP4 – For firm employees, the skills required to adopt cloud computing are too
complicated
Compatibility CT1 – Cloud Computing can accommodate a company’s work style Ifinedo (2011b)
CT2 – Cloud computing is fully compatible with today’s business operations Thiesse et al. (2011)
CT3 – Cloud computing is compatible with your company’s culture and value
system
CT4 – Cloud computing will be compatible with existing company hardware and
137
software
138

Technology TR1 – Percentage of employees with Internet access Ifinedo (2011a)
readiness TR2 – The company knows how IT can be used to support operations Oliveira and Martins (2010)
TR3 – In the enterprise, there are the skills needed to implement cloud
computing
Top TS1 – Enterprise management supports the implementation of cloud Chwelos, Benbasat, & Dexter
management computing (1890)
support TS2 – Company management demonstrates strong leadership and commitment Shah Alam, Ali, and Mohd
to the process when it comes to information systems Mohd Jani (2011)
Zhu, Li, Wang, and Chen
TS3 – Business leaders are prepared to take risks (financial and organizational)
(2010)
in the adoption of cloud computing
Firm size FS1 – The number of company employees Zhu et al. (2003)
FS2 – Annual business volume Chwelos et al. (1890)

Premkumar and Roberts
(1999)
Competence CA1 – The competencies needed to manage and adopt cloud computing Abolfazli et al. (2015)
and awareness CA2 – The level of awareness and adoption of cloud computing by the Cragg, Caldeira, and Ward
organization staff (2011)
Competitive CP1 – The company believes that cloud computing can influence Ifinedo (2011a)
pressure competition in their industry Oliveira and Martins (2010)
CP2 – Competition is putting pressure on our site firm to adopt cloud
computing
CP3 – Some competitors have already started using cloud computing
Data Soverignty DS1 – There is legal protection in the use of cloud computing Zhu and Kraemer (2005)
DS2 – As regulations become more stringent, companies storing data in the Shah Alam et al. (2011)
public cloud must ensure that they comply with data sovereignty laws Abolfazli et al. (2015)
Cloud CA1 – In terms of cloud adoption, at what stage is your organization currently Thiesse et al. (2011)
computing engaged in cloud adoption
adoption I do not think about it; Being evaluated (e.g., as part of a pre-pilot study);
Evaluating this technology, but not planning to adopt it; Evaluating and
planning for adoption of this technology; Already adopted cloud computing
services, infrastructure or platforms
CCA2 – If you think in future you will embrace cloud computing. How do
you think that will happen? Do not consider; More than 5 years; Between 2
and 5 years; Between 1 and 2 years; Less than 1 year; Already-adopted Cloud
Computing services, infrastructure or platforms
Note: All questions are based on a 5-point scale unless otherwise indicated.
139
Table 17. Mean and Standard Deviation of Full and Subsamples.
Factors Mean SD
Agility 3.33 0.87
Security, privacy, and trust concerns 3.76 1.11
Cost savings 3.14 0.79
Complexity 2.26 0.80
Compatibility 2.90 0.80
Technology readiness 4.27 1.19
Top management support 2.89 0.96
Firm size 2.54 0.86
Competence and awareness 2.72 1.02
Competitive pressure 2.30 0.86
Regulatory support 2.58 0.85
Data Sovereignty 3.81 0.81
Cloud computing adoption 2.40 1.61
Table 17 presents the Mean and Standard Deviation of Full and Subsamples.
The survey confirms that organizations realize the benefits of cloud computing
agility. The benefits identified by the study include improved quality of business
operations, faster task execution, increased productivity, and the creation of new
business opportunities.
Concerning the two variables that constitute advantages related to cloud tech-
nology, security concerns (H2a) do not prevent cloud adoption due to recent
advances in privacy technologies, surveillance, and encryption systems to ensure
confidentiality, integrity, and data protection in the cloud (Muñoz, Gonzalez, &
Maña, 2012; Sonehara, Echizen, & Wohlgemuth, 2011; Wang, 2010). Also, new
federal standards and regulations such as the GDPR (Tankard & Pathways, 2016)
and FedRampt (Montalbano, 2012). Act help build trust and organizational con-
trol over data when adopting cloud-based solutions which can explain why secu-
rity and privacy are not a concern when a cloud computing strategy is considered.
Cost savings (H2b) is confirmed as an essential factor to explain the relative
advantage of cloud computing. This finding is consistent with studies that have
shown that cost savings are a powerful driver of cloud-based solutions adoption
in sectors such in technology, manufacturing, financial, logistical, services and
educational industries (Benlian & Hess, 2011; Garrison, Kim, & Wakefield, 2012;
Lyytinen & Damsgaard, 2011).
The compatibility (H4) is considered a factor that was facilitating the adoption
of cloud computing for the service sector, but not significant for the manufactur-
ing sector. Its importance in the service industry can be explained by the work
style preferences and Internet business transactions that prevail among com-
panies in this sector(Lee & Kim, 2007). In the case of manufacturing, the lack
of importance of compatibility may be due to the nature of the applications

(e.g., the critical role of in-house software solutions such as resource planning
software and computer controlled machining) and the limited requirements for
Internet solutions in the industry (Grandon & Pearson, 2004; Ramdani, Kawalek,
& Lorenzo, 2009). Therefore, the compatibility results are also mixed compared to
previous research, and further research is needed to reach a definitive conclusion.
Also, the complexity factor (H3) is a barrier to the adoption of cloud com-
puting in the service sector. The concept of complexity associated with cloud
computing is no different from other disruptive technologies and appears to be
an essential deterrent to the adoption of cloud computing. Complexity can be
associated with perceived change, which is known to be an unsatisfactory and
frustrating source (Kets de Vries & Balazs, 1998). The results indicate that com-
plexity is not a blocking factor for firms in the manufacturing sector. Complexity
has been judged insignificant by some researchers (Low et al., 2011), while others
have said the opposite (Borgman, Bahli, Heier, & Schewski, 2013). As a result,
previous studies are not clear-cut on the role of complexity, implying that further
researches are needed before a definite conclusion.
6.7.5 Technology Readiness

Technology readiness (H5) is a driver for cloud computing adoption. According to
the study, companies with established technology infrastructure and a technically
skilled workforce will be better suited to integrating cloud computing. However,
our study indicates that the implementation of cloud computing can disrupt ser-
vices and create management challenges in both IT and non-IT organizations. The
finding indicates that organizations must ensure that the technology infrastruc-
ture and availability of IT specialists are adequate for integrating cloud solutions
into business operations within minimal downtime. Unlike previous studies, which
have suggested that technological readiness does not necessarily influence cloud
adoption(Low et al., 2011). Moreover, that technological readiness is not relevant
for technology companies (Wu et al., 2013), and that for organizations with the
capacity to more information processing is less apt to embrace cloud computing.
6.7.6 Organizational Context

In our study, we found empirically that top management support (H6) is essential
in explaining the adoption of cloud computing. According to the results of the
study, senior management has an influence on the adoption of cloud computing
by demonstrating its support through the commitment of financial and organiza-
tional resources and by engaging in the process. These findings are consistent with
the results of previous research on technology adoption and use (Ifinedo, 2011a;
Luo et al., 2010; Ramdani et al., 2009).
The enterprise size factor (H7) is a predictive variable of cloud adoption. This
conclusion is consistent with the literature that large firms have the necessary
resources needed to address investment risk and cost associated related to emerg-
ing technology (Chong & Chan, 2012; Crook & Kumar, 1998; Wang et al., 2010).
In contrast, small businesses generally lack the resources to build knowledge and
to implement and test cloud computing (Thiesse et al., 2011).
The competence and awareness (H8) is a very critical factor in the adoption of
the cloud in different organizations. The adoption of the cloud by organizations
is well underway worldwide (Abolfazli et al., 2015; Cragg et al., 2011). This trend
is expected to continue through talent attraction and retention, and performance
management. These issues are crucial today for companies that want to stand out
from the crowd in order to recruit and retain the best candidates and meet the
expectations of new generations.
6.7.7 Environmental Context

Few studies have addressed the importance of the environmental context in cloud
computing. According to Low et al. (2011), competitive pressure has pushed high-
tech companies to adopt cloud computing more quickly. Also, Ifinedo (2011a)
has determined that competitive pressure has a positive impact on the adoption
of technologies that support e-commerce. While pressures from customers, busi-
ness partners and government support have not played a significant role.
Data sovereignty (H10) is a crucial factor in the adoption of the cloud, the
challenge for businesses to manage the growing sovereignty of data is increased
due to the different approaches governments are taking to ensure the privacy of
citizens’ data (Abolfazli et al., 2015).
6.7.8 Discussion and Interpretations

Results of our survey indicate that the pressure of competition is not determina-
tive of cloud adoption. Firms are likely to be aware of cloud benefits, but specific
technology factors and organizational contexts prevent cloud benefits from trans-
lating to a competitive advantage. It was also found that regulatory support for
cloud computing adoption was not available at significant, this does not necessar-
ily mean that firms do not take into account current standards and regulations,
on the contrary, legislation protecting the use of cloud computing has not been
seriously adopted by the organization’s decision makers. Regulatory processes
are essential to instilling the confidence needed at firms to turn innovation into
business opportunities. Without commercially sound economic incentives, tech-
nological advances, evolving cloud standards, and federal regulations may not be
able to overcome the barriers to cloud adoption.
The findings of our study suggest that Agility, cost-saving, security, privacy
and trust, technological readiness, and data sovereignty influence the adoption of
cloud computing by enterprises.
6.7.9 Qualitative Study

The second study focuses more on how cloud computing affects the agility of
information systems. Data were collected through semi-structured interviews
with 20 experts from 10 large organizations in MENA that have already adopted
cloud technology.
⦁⦁ The Sample Size
It was essential to identify the sample size before conducting this study. In order
to determine the minimum sample size, G*Power software was used. G*Power
is software that enables researchers to compute the required sample size and
increase the accuracy of their results (Bourque & Fielder, 2003). The parameters
identified to compute the minimum sample size were as follows:
⦁⦁ Effect size: According to Faul, Erdfelder, Lang, & Buchner (2007), there are
three parameters of effect size small, medium and large. The appropriate effect
size for this exploratory study is 0.8 (i.e., large).
⦁⦁ Type I error, also known as alpha (α for 95% confidence level α=0.05. This
means the probability of rejecting the null hypobook when it is true is 5%
(0.05). Type one error means false rejection of the null hypobook.
⦁⦁ Type II error (i.e., 1-β err prob): Type two error indicates that the null hypo-
book will not be rejected when it is false (Banerjee, Ghosh, & Banerjee, 2012).
In other words, type two error means false acceptance of the null hypobook.
This is conventionally set at 20%.; so (1-β err prob) = 0.8.
In this study, the calculation was performed under a t-test family (one sam-
ple case). The results indicated that the minimum sample size for the question-
naire was 15 participants. Table 18 illustrates the statistical calculation of the
sample.
In terms of interviews, there is no typical sample size for data collection from
interviews; thus, there is no set number for participants in interviews. However,
Tashakkori and Creswell (2007) recommend that from 5 to 25 interviewees are
acceptable, while Morse (1994) suggests that six is the minimum for participants
in interviews. Furthermore, Thomson (2010) conducted a review of one hun-
dred studies regarding sample size in interviews and found that the point at
which any increase in some interviews will lead to repeated material, and data
saturation occurs between 10 and 30 interviews(Thomson, 2010). Strauss and
Corbin (1998) also state that the saturation of data is dependent on a research-
er’s decision. In this present study, the researcher has taken into account these
suggestions and conducted interviews until there was no new data to be added
to the study.
Table 18. Sample Size Calculation Using the G* Power Software.
Statistical Test Means: Difference from Constant (One Sample Case)

Tails Two
Effect size d 0.8
α error prob. 0.05
Power (1–β err prob) 0.8
Minimum sample size 15
⦁⦁ Interview Design
The purpose of the semi-structured interviews was to examine the extent to which
the adoption of cloud computing will increase information systems agility. Interview
questions were prepared before the interviews and included closed and open-ended
questions. According to W. Foddy and Foddy (1994), the five-point Likert scale is
the optimal choice for cases that require decisions; Lietz (2008) also mentioned that
this scale could increase reliability and validity of results. Therefore, in this study the
closed-ended questions were designed using a five-point Likert scale: (very important
= 5; important = 4; may be important = 3; not important = 2; and not relevant = 1).
The other questions were open, which helped the researcher to understand an organi-
zation’s requirements and attitude toward cloud adoption. Table 19 presents an outline
of the interview questions. The interview questions are developed in English to verify
the clarity of the questions. Adjustments based on the pilot interviews were made to
the interview questions, including rephrasing and deleting some wrong questions.
⦁⦁ Questionnaire Design
To confirm the proposed cloud adoption model, a self-administered questionnaire

was developed for this study. The purpose of the questionnaire was to confirm
Table 19. The Interview Questions Sample.
Number Questions
Q1 • Cloud computing has enabled the organization to manage business
activities in an efficient and flexible way?
Q2 • Do Cloud computing services improve the quality of operations?
Q3 • The employee have the possibility to quickly access applications data
and the possibility of recovering them rapidly?
Q4 • The compatibility with the cloud provider has a negative impact on
the cloud adoption?
Q5 • The organization has the ability to respond to the growing demand
of customer in terms of computing ressources?
Q6 • Using cloud-computing helps the organzation to adapt the change
in information systems through system development, implementation,
modification, and maintenance activities?
Q7 • Using cloud-computing helps the organzation facilitate planning
process in the organization?
Q8 • IT staff are well trained and agile to follow technical advances, and
have the ability to deal with unexpected changes?
Q9 • The adoption of cloud increases the organization’s ability to cope
with unexpected changes?
Q10 • The organization has the ability to remain competitive?
factors that already exist in the cloud adoption model, as well as other factors that
were identified in interviews with IT experts. The questionnaire was divided into
two sections: demographic information and 28 closed-ended questions concern-
ing 17 factors. These factors are security, relative advantage, agility, compatibility,
complexity, senior management support, organizational size, technological readi-
ness, regulatory compliance, and competitive pressure. The reason there were 28
closed-ended questions was that some factors were measured by more than one
question. For example, Agility has two questions, one measuring the impact of
agility on cost by predicting changes and the other on responsiveness. Closed-
ended questions were designed based on interview results and using a five-point
Likert scale: (strongly agree = 5; Agree = 4; neutral = 3; neutral = 3; Disagree = 2;
and strongly disagree = 1): The questions used were as follows:
⦁⦁ Demographic Information
The interviews were conducted with twenty IT experts at different organizations

in the MENA region. All the participants were working in IT departments in dif-
ferent sectors, such as manufacturing, engineering, and energy. All participants
had at least five years’ working experience so that they could understand the cur-
rent situation of their organization and future trends. The interviews were carried
out between March and May 2018, at the experts’ workplaces (i.e., face-to-face or
visio conference interviews), and they were recorded using a recording device with
the permission of the experts. The purpose of the questionnaire was to confirm
which factors influence an organization’s decision to use cloud services and the
impact of adopting cloud computing on information systems agility. The SPSS
software was used to analyze data collected.
Parametric tests analyse measured data by scale and interval ratio, while non-
parametric tests analyze ordinal and classified data. Overall, parametric tests are
more flexible and powerful than non-parametric tests and are therefore preferred
by most researchers. Therefore, the data collected were tested using the parametric
test (t-test on a sample) and the test value was defined as three on the five-point
Likert scale, which ranged from 5 (strongly agree) to 1 (strongly disagree). Table 20
illustrates the results of the questionnaire analysis.
6.7.10 Hypobook
In the aim to response a second research question, the following assumptions
were made and tested at a 90% confidence level. The hypotheses (H1) include
the different associations between agility categories and cloud computing models
formulated as follows:
H1: There is an association between the use of a software model as a cloud

service model and the improvement of the IS Agility category where the cloud
model is either (IaaS, PaaS, or SaaS) and the IS Agility category is either
(Technical Infrastructure Agility, IT Processes Agility, Human Characteristics,
or Business Aspects).
Table 20. Cloud Computing’s Impact on Information Systems Agility. 146
Factors Statements Mean Sigg. (2-tailed)

Application The organization will have the capacity to add a new product or service 4.67 <0.001
Agility with efficiency. In this aims organization
Information – An organization needs to improve the sharing of application data for all 4.60 <0.001
Agility stakeholders and organization partners
– An employee will have a possibility to quickly access applications data
and the possibility of recovering them rapidly
Compatibility & The organization will need to deploy an application migration process, to 3.60 0.004
IT Agility
interoperability link the local environment to the cloud environment while maintaining a
level of security
Elasticity The organization must manage these expansions to the growing demand 3.90 <0.001
of customers and have the ability to accelerate the necessary increase in
bandwidth allocation and computing resources from the cloud service provider
Maintenance Ability to adapt to change in information systems through system 4.03 <0.001
Process development, implementation, modification, and maintenance activities.
Agility An organization with such IT agility can effectively modify its system,
enabling it to respond more effectively to changing market opportunities
Planning Process • Reduction of time and effort for application support and maintenance 3.23 0.257
Agility
• The integration of new branches in the company must be less complicated
• IT should easily assess and prioritize proposed changes
Monitoring & Recall that the essential forces of environmental change include competitor 4.17 <0.001
IT Process Agility
Assessment actions, strategic changes, and changes in consumer preferences or IS staff
Process skills, economic changes, regulatory and legal changes, and technological
Agility advances. These different changes require a standby to detect any potential
changes regarding each of these types
Training & Staff – Conducted training and internships for IT staff to manage different 4.73 <0.001
systems and applications
– IT staff will have the ability to translate business problems into a
technical solution
Business and IT staff should have the ability to deal with unexpected changes and 4.47 <0.001
Humain Agility
Technical Skill efficiency seize emerging opportunities
Response The use of cloud computing increases the organization’s ability to cope 4.53 <0.001
with unexpected changes (i.e., unexpected events such as corrections and
reconfigurations)
Customer service Organizational mechanisms must be able to support service delivery that 4.13 <0.001
meets client needs
Competitive status The ability to remain competitive by providing answers under any 4.53 <0.001
Business Agility
conditions will seize new opportunities and remain competitive
147
6.7.11 Results
The following section summarizes these findings. Figs. 45 and 46 illustrate the
usage frequencies and percentages for various cloud computing service models and
deployment models. Fig. 47 shows answers to aggregated categories of IS agility.
Fig. 45. Cloud Usage by Type.
Fig. 46. Cloud Usage by Deployment Model.

Fig. 47. Combined Frequency Distributions for Responses to Aggregated IS

Agility Categories.
As can be seen in Figs. 45 and 46, the percentage of usage is mainly attributable
to infrastructure as a service within the private cloud. In addition, an interesting
observation in Fig. 45 includes the high percentage of responses in the business
agility category, including: greater user confidence to faced unexpected changes
(i.e., unexpected events such as fixes and re-configurations), greater satisfaction
with efficiency and effectiveness in seizing emerging opportunities, and a positive
contribution of using clouds to align IT strategies with business strategies. Fig. 47
shows the responses to the aggregated IS agility categories.
6.7.12 Result Discussion

The cloud is a service delivery issue: Infrastructure as a Service (IaaS), Platform
as a Service (PaaS), or Software as a Service (SaaS). In other words, the cloud
provides a set of computing resources that function efficiently as a single com-
puter. However, as the results of the statistical analysis show, not all of these ser-
vices have a direct association with agility as perceived by IT professionals. More
specifically, the PaaS Cloud model enables users to respond more effectively to
business demands and helps ensure employees have on-demand access to critical
business information, customers, partners, and each other, using virtually any
device, from virtually anywhere and from anywhere. Therefore, users can give
priority to the most critical business tasks first.
However, IaaS focuses more on reducing the burden of managing anticipation
and building excess IT infrastructure, resulting in reduced management, mainte-
nance, and deployment time, with the added benefit of greater scalability to more
efficiently manage peak demand, studies have also shown the lack of association
between SaaS and any category of agility. This conclusion is supported by the fact
that SaaS is seen more as an economical option than an improvement in agility.
Unlike conventional financial models of software vendors that rely on license
fees to support their profits and losses, SaaS allows users to pay only for what is
used during a given period while being much less dependent on local IT staff and
services, which would increase some limits on agility in general.
Surveys indicate that there is an improvement in user confidence in the face of
unexpected changes, efficiency, and effectiveness of taking advantage of emerg-
ing opportunities and aligning IT strategies with business strategies. Additionally,
cloud computing has allowed organizations to reduce the time and effort spent
on support and maintenance, decrease efforts to assess and prioritize proposed
changes, facilitate capacity planning and performance information collection,
and simplify service management.
Summary
Cloud computing is an essential evolution of IS technology. It boasts attractive
properties such as agility, scalability, pay-per-use, and cost-efficiency. This study
sought to identify the determinants of cloud-computing adoption based on inno-
vation characteristics and the technology, organization, and environmental con-
texts of organizations, and evaluate how cloud computing changes are agility,
it started. A research model was developed that integrates the DOI theory and
the TOE framework. The model was evaluated through a quantitative study col-
lected from 200 different medium and large companies in MENA region. The
results indicated that Agility, cost-saving, security, privacy and trust, technologi-
cal readiness, and data sovereignty have a direct effect on a firm’s adoption of
cloud computing. The analysis of results validated the direct effect of Agility on
cloud-computing adoption. The second part of this study focuses more on how
cloud computing affects the agility of information systems. The qualitative data
were collected through semi-structured interviews with 20 experts from 10 major
organizations in the MENA region that have already adopted cloud technology.
Drawing on research findings, we concluded that some cloud computing service
models improve specific dimensions of agility, for example, IaaS increases techni-
cal infrastructure agility. PaaS improves human characteristics, while SaaS does
not associate with any category.
For decision-makers in the organization who are considering cloud-based ini-
tiatives, our results provide a solid foundation for assessing the direct and indirect
effects of cloud computing innovation features and the literature related to its
adoption in various industries.
Our Results also indicate that cloud computing will increase the agility of
information systems which allows the company to realize cost savings resulting
from reduced IT capital expenditures, reduced negotiation costs, and reduced
maintenance and energy costs. The benefits of environmental responsibility by
reducing environmental impacts through the adoption of cloud computing.
In general, it seems that cloud computing brings improvement to the agility
aspects of the information systems of organizations that adopt cloud computing
technology, specifically for SaaS.
Appendix 1
Table A1. ITSM Maturity Assessment Interview (Sample).
Self-Service Desk Is there a service center in your organization (formal or informal)? Yes we do it every few years
Are calls that are taken at the Service Desk recorded in an electronic system? Yes at least half of them are/do
Does the service center log incoming calls and emails in a helpdesk system? Yes we do it every few years
Incident Does IT staff have a clear understanding of the incident management process? Yes at least half of them are/do
Management Is there enough information recorded incidents when they are registered? Yes we did it once
Is there a classification code assigned to incidents that can indicate the Yes at least half of them are/do
probable cause of the incident?
Problem Does IT staff have a clear understanding of the problem management Yes we do it every few years
Management process?
Is it clear to whom in the organization should the problems be attributed? Yes at least half of them are/do
Are the time and budget allocated to staff training in this area sufficient? Yes at least half of them are/do
Does the process owner analyze incident information to identify trends in Yes a small percentage are/do
incidents?
Release Is there sufficient time and budget allowed for training staff in this process area? Yes at least half of them are/do
Management Is there a published and accepted list of what is considered to be the highest Yes a small percentage are/do
priority components of the infrastructure?
Is there a known and documented naming convention for all configuration Yes at least half of them are/do
elements (CIs)?
Is there a clear release management process within the organization? Yes a small percentage are/do
Table A1. (Continued)
154
Change Does IT staff have a clear understanding of the change management process? Yes we do it every few years
Management Are change requests checked and verified before submission? Yes at least half of them are/do
Is there sufficient time and budget allowed for training staff in this process Yes we do it every few years
area?
Appendix
The Advisory Council on Change (ACC) establishes an appropriate mandate Yes at least half of them are/do
(meeting time, authority, etc.)?
Service Level Does IT staff have a clear understanding of the SLA management process? Yes teams write/run their own
Management Is there a regular review of the activities associated with this process? Yes we do it every few years
Are there Service Level Agreements (SLAs) that follow a defined structure? Yes we do it every few years
Does this process area exchange information with a variety of other Yes we do it every few years
process areas?
Availability Are there regular reviews of the performance of this process area against Yes at least half of them are/do
Management documented Key Performance Indicators (KPIs) regularly?
Are the availability objectives set by the organization SMART (Simple, Yes a small percentage are/do
Measurable, Achievable, Realistic, Time-bound)?
Are electronic tools used in this process field well utilized? Yes at least half of them are/do
Capacity Alarm thresholds are in place for systems that alert personnel to Yes at least half of them are/do
Management approaching maximum capacity limits?
Are the differences between operational capability, service capability and Yes a small percentage are/do
resource management well defined?
Does this process area exchange information with a variety of other Yes a small percentage are/do
process areas?
IT Asset Management Answer
Asset Discovery Is there a defined procedure for managing the organization’s information Yes a small percentage are/do
and inventory assets?
Which tool do you currently use to discover your software and hardware Yes but on an ad hoc basis
assets?
Configuration Is there a published and accepted list of what are considered to be the most Yes there is a standard set
Management critical components of the infrastructure?
Is there a known and documented naming convention in place for all Yes, a small percentage are/do
Configuration items (CI’s)?
Are there procedures to ensure that the configuration management process Yes there is a standard set
cannot be bypassed?
IT Financial Do you have effective control over the operating costs of the IT Yes, a small percentage are/do
Management environment?
Can the costs of providing current services to the business be demonstrated Yes, localized to business areas
easily?
Are actual costs compared to budgeted costs regularly? No
Asset Lifecycle Has the organization implemented, or plan to implement an asset Yes on an ad hoc basis
management system?
Does the organization have an asset management inventory/database, or No
does it plan to develop one?
IT Security Management Answer
IT Service Security Is there a procedure for IT services security management? Yes we do it every few years
Management Are there any security applications implemented in the organization? Yes at least half of them are/do
Appendix
155
Table A1. (Continued) 156
IT Service Management Answer

IT Asset Security Are the company’s security requirements well documented? Yes at least half of them are/do
Management Is there a clear understanding of who or which department is responsible for Yes at least half of them are/do
IT security?
Appendix
Are there physical barriers in place preventing unauthorized access to critical Yes a small percentage are/do
IT equipment?
Vulnerability and Is there an automated risk management process conforms to international Yes at least half of them are/do
Risk Management standards?
Does the organization define the system criticality according to its risk? Yes a small percentage are/do
Compliance Is there a formal policy containing, or referring to all security requirements Yes a small percentage are/do
Management to ensure compliance with the organization’s security standards?
Agility Management Answer
Strategy and Does IT staff have a clear understanding of the agility management process? Yes on an ad hoc basis
Process Is there a regular review of the activities associated with this process? Yes a small percentage are/do
Flexibility of The organization has qualified and motivated people at its disposal, enabling No
Structure it to provide agile solutions for changing the business situation?
Does the organization provide processes, plans, and responsibilities for agile Yes on an ad hoc basis
responses to a changing business environment?
Up-to-Dateness Are IT services provided in accordance with business needs? Yes teams write/run their own
of Technology Do the organization’s IT-focused programs deliver benefits promptly and Yes a small percentage are/do
Systems meet quality requirements and standards?
Does the IT service center provide knowledge, expertise, and initiatives for No
business innovation?
Are the benefits derived from IT investments and the IT services portfolio? No
Agility Management Answer
Staff Competency Does the organization cultivate its expertise through effective training? Yes at least half of them are/do
and Skills Does the organization motivate and maintain proficient employees? Yes a small percentage are/do
Are IT staff encouraged to improve their technical skills and are trained in Yes a small percentage are/do
development methods and tools to support agile development technics?
Organizational Are IT resources optimized to meet the organization’s agility objectives? No
Agility Does the organization provide effective business processes? Yes on an ad hoc basis
Does the organization define, maintain and approve functional requirements No
after a quick analysis of feasibility and alternate solutions?
Appendix
157
158 Appendix
Appendix 2
Table A2. ITSM Maturity Assessment Roadmap.
ITSM Functions Control Objective Maturity Score Maturity

Score Target
IT Service Self-Service Desk 0 3
Management Incident Management 2.5 4
Problem Management 1.5 3.5
Change Management 2 3.5
Release and Deployment 1 3
Management
Configuration Management 1.5 3
Service Level Management 2 3.5
Availability Management 1.2 2.5
Capacity Management 1.5 2.5
IT Asset Configuration management 0.5 2
Management database CMDB
Asset Discovery and 1.5 3
inventory
IT Financial Management 2 3.5
Asset lifecycle 1 3
IT Security IT Service Security 2 3
Management Management
IT Asset Security 2.5 3
Management
Vulnerability and Risk 2.5 3.5
Management
Compliance Management 2 3.2
IT Agility Strategy and process 1.2 2.5
Management Flexibility of Structure 0.5 2.5
Up-to-Dateness of 0.7 2.5
Technology Systems
Staff competency and skills 1 2
Organizational Agility 0.5 2.2
References
Abdelkebir, S., Maleh, Y., & Belaissaoui, M. (2019). Towards an agile and secure IT service
management. In J. Zhang (Ed.), Global information diffusion and management in
contemporary society (pp. 125–152). Hershey, PA: IGI Global.
Abdollahzadehgan, A., Che Hussin, A. R., Gohary, M. M., & Amini, M. (2013). The
organizational critical success factors for adopting cloud computing in SMEs.
Journal of Information Systems Research and Innovation, 4(1), 67–74. https://doi.
org/https://ssrn.com/abstract=2333028
Abolfazli, S., Sanaei, Z., Tabassi, A., Rosen, S., Gani, A., & Khan, S. U. (2015). Cloud adop-
tion in Malaysia: Trends, opportunities, and challenges. IEEE Cloud Computing,
2(1), 60–68. https://doi.org/10.1109/MCC.2015.1
Adalı, O. E., Özcan-Top, O., & Demirörs, O. (2016). Evaluation of agility assessment
tools: A multiple case study. In Communications in computer and information science,
Berlin/Heidelberg, Germany, pp. 135–149. Retrieved from http://link.springer.com/
10.1007/978-3-319-38980-6_11.
Adams, D. A., Nelson, R. R., Todd, P. A., Ahmi, A., Kent, S., Al-Ansi, A. A., … Willborn,
W. W. (2009). Factors affecting the adoption of open systems: An exploratory study.
MIS Quarterly, 16(2), 1521–1552. https://doi.org/10.1108/02686900510606092
Adamson, G., Wang, L., Holm, M., & Moore, P. (2017). Cloud manufacturing – A
critical review of recent development and future trends. International Journal of
Computer Integrated Manufacturing, 30(4–5), 347–380. https://doi.org/10.1080/095
1192X.2015.1031704
Aiken, M. W., Liu Sheng, O. R., & Vogel, D. R. (1991). Integrating expert systems with
group decision support systems. ACM Transactions on Information Systems (TOIS),
9(1), 75–95.
Alaceva, C., & Rusu, L. (2015). Barriers in achieving business/IT alignment in a large
Swedish company: What we have learned? Computers in Human Behavior, 51,
715–728. https://doi.org/https://doi.org/10.1016/j.chb.2014.12.007
Alam, S. S. (2009). Adoption of internet in Malaysian SMEs. Journal of Small Business and
Enterprise Development, 16(2), 240–255. https://doi.org/10.1108/14626000910956038
Alavi, M., & Leidner, D. E. (2001). Knowledge management and knowledge management
systems: Conceptual foundations and research issues. MIS Quarterly, 25, 107–136.
Albrecht, C. C., Dean, D. L., & Hansen, J. V. (2005). Marketplace and technology standards
for B2B e-commerce: progress, challenges, and the state of the art. Information &
Management, 42(6), 865–875.
Ali, S., & Green, P. (2012). Effective information technology (IT) governance mechanisms:
An IT outsourcing perspective. Information Systems Frontiers, 14(2), 179–193.
Allen, B. R., & Boynton, A. C. (1991). Information architecture: In search of efficient flex-
ibility. MIS Quarterly: Management Information Systems, 15(4), 435–445. Retrieved
from https://www.jstor.org/stable/249447?origin=crossref
Alewine, N., Ruback, H., & Deligne, S. (2004). Pervasive speech recognition. IEEE
Pervasive Computing, 3(4), 78–81.
Allen, J. P. (2003). The evolution of new mobile applications: A sociotechnical perspective.
International Journal of Electronic Commerce, 8(1), 23–36.
Alshamaila, Y., Papagiannidis, S., & Li, F. (2013). Cloud computing adoption by SMEs
in the north east of England: A multi-perspective framework. Journal of Enterprise
Information Management, 26(3), 250–275. https://doi.org/10.1108/17410391311325225
Altaf, F., & Schuff, D. (2010). Taking a flexible approach to ASPs. Communications of the
ACM, 53(2), 139–143.
160 Reference
Amron, M. T., Ibrahim, R., Abu Bakar, N. A., & Chuprat, S. (2019). Determining factors
influencing the acceptance of cloud computing implementation. Procedia Computer
Science, 161, 1055–1063. https://doi.org/https://doi.org/10.1016/j.procs.2019.11.216
Anderson, C. (2010). Presenting and evaluating qualitative research. American Journal of
Pharmaceutical Education, 74(8), 141.
Anderson, J., & Bishop, R. (2018). An ITSM for a new era: Leaving a self-supported
internal legacy system for a brighter future in the Cloud(S)’. In Proceedings ACM
SIGUCCS user services conference, IEEE Xplore, Orlando, FL, USA, pp. 111–113.
Ang, A., Brandt, M., & Denison, D. F. (2014). Review of the active management of the
Norwegian government pension fund global. Report to the Norwegian Ministry of
Finance, New York, NY, USA.
Anthony Byrd, T., Lewis, B. R., & Bryan, R. W. (2006). The leveraging influence of
strategic alignment on IT investment: An empirical examination. Information and
Management, 43(3), 308–321. https://doi.org/10.1016/j.im.2005.07.002
Aoyama, M. (1998). Agile software engineering environment over the internet. In 1CSE
98 workshop on software engineering over the internet, April, New York, NY, USA.
Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., Konwinski, A., … Rabkin,
A. (2010). A view of cloud computing clearing the clouds away from the true poten-
tial and obstacles posed by this computing capability. Communications of the ACM,
53(4), 50–58. https://doi.org/10.1145/1721654.1721672
Arteta, B. M., & Giachetti, R. E. (2004). A measure of agility as the complexity of
the enterprise system. Robotics and Computer-Integrated Manufacturing, 20(6),
495–503. https://doi.org/10.1016/J.rcim.2004.05.008
Ashrafi, A., Ravasan, A. Z., Trkman, P., & Afshari, S. (2019). The role of business analyt-
ics capabilities in bolstering firms’ agility and performance. International Journal of
Information Management, 47, 1–15.
Atapattu, M., & Sedera, D. (2014). Agility in consumer retail: Sense-response alignment
through the eyes of customers. Australasian Journal of Information Systems, 18(2),
111–132.
Atkinson, P. E. (1990). Creating culture change: The key to successful total quality manage-
ment. San Francisco, CA: Pfeiffer/Jossey-Bass.
Attaran, M. (2004). Exploring the relationship between information technology and busi-
ness process reengineering. Information & Management, 41(5), 585–596.
Avram, M. G. (2014). Advantages and challenges of adopting cloud computing from an
enterprise perspective. Procedia Technology, 12, 529–534. https://doi.org/10.1016/
j.protcy.2013.12.525
Azadegan, A., & Teich, J. (2010). Effective benchmarking of innovation adoptions: A theo-
retical framework for e-procurement technologies. Benchmarking: An International
Journal, 17(4), 472–490. https://doi.org/10.1108/14635771011060558
Bakos, Y., Lucas, H. C. Jr, Oh, W., Simon, G., Viswanathan, S., & Weber, B. W. (2005). The
impact of e-commerce on competition in the retail brokerage industry. Information
Systems Research, 16(4), 352–371.
Bamber, C. J., Hides, M. T., & Sharp, J. M. (2000). Integrated management systems: An
agile manufacturing enabler. In 1st International Conference on Systems Thinking in
Management (pp. 83–88). Citeseer.
Bamber, C. J., Sharp, J. M., & Hides, M. T. (2000). Developing management systems towards
integrated manufacturing: a case study perspective. Integrated Manufacturing
Systems, 11(7), 454–461.
Banerjee, A., Ghosh, S. C., & Banerjee, N. (2012). Pack your sack for the cloud. In
Proceedings of the 5th India Software Engineering Conference (pp. 116–157), Kanpur,
India. https://doi.org/10.1145/2134254.2134283
Barreto, L., Amaral, A., & Pereira, T. (2017). Industry 4.0 implications in logistics: An
overview. Procedia Manufacturing, 13, 1245–1252.
Reference 161
Barreto, L., Scheunemann, L., Fraga, J., & Siqueira, F. (2017). Secure storage of user
credentials and attributes in federation of clouds. In Proceedings of the ACM
symposium on applied computing, Marrakech, Morocco, pp. 364–369.
Bartolini, C., Sallé, M., & Trastour, D. (2006). IT service management driven by business
objectives: An application to incident management. In IEEE symposium record on
network operations and management, Vancouver, Canada, pp. 45–55.
Baskerville, R., & Pries-Heje, J. (2004). Short cycle time systems development. Information
Systems Journal, 14(3), 237–264.
Basson, G., Walker, A., McBride, T., & Oakley, R. (2012). ISO/IEC 15504 measurement
applied to COBIT process maturity. Benchmarking: An International Journal, 19(2),
159–176. https://doi.org/10.1108/14635771211224518
Batra, D., Hoffer, J. A., & Bostrom, R. P. (1988). A comparison of user performance
between the relational and the extended entity relationship models in the discovery
phase of database design. In Proceedings of ICIS (p. 43) Auckland, New Zealand.
Bauer, M. J., Poirier, C. C., Lapide, L., & Bermudez, J. (2001). E-business: The strategic
impact on supply chain and logistics. Lombard, IL: Council of Supply Chain
Management Professionals.
Beatty, S. E., & Smith, S. M. (1987). External search effort: An investigation across several
product categories. Journal of Consumer Research, 14(1), 83–95.
Beck, K., Beedle, M., Van Bennekum, A., Cockburn, A., Cunningham, W., Fowler, M., …
& Kern, J. (2001). Manifesto for agile software development.
Beck, K., & Boehm, B. (2003). Agility through discipline: A debate. Computer, 36(6), 44–46.
Beloglazov, A., Banerjee, D., Hartman, A., & Buyya, R. (2014). Improving produc-
tivity in design and development of information technology (IT) service deliv-
ery simulation models. Journal of Service Research, 18(1), 75–89. https://doi.
org/10.1177/1094670514541002
Benamati, J., & Lederer, A. L. (2001). Coping with rapid changes in IT. Communications of
the ACM, 44(8), 83–88.
Benaroch, M., & Chernobai, A. (2017). Operational IT failures, IT value destruction,
and board-level it governance changes. MIS Quarterly, 41(3), 729–762. https://doi.
org/10.25300/MISQ/2017/41.3.04
Benlian, A., & Hess, T. (2011). Opportunities and risks of software-as-a-service: Findings
from a survey of IT executives. Decision Support Systems, 52(1), 232–246. https://
doi.org/10.1016/j.dss.2011.07.007
Benlian, A., Kettingaer, W. J., Sunyaev, A., Winkler, T. J., & Editors, G. (2018). The transform-
ative value of cloud computing: a decoupling, platformization, and recombination
theoretical framework. Journal of Management Information Systems, 35(3), 719–739.
Berger, H., & Beynon-Davies, P. (2009). The utility of rapid application development in
large-scale, complex projects. Information Systems Journal, 19(6), 549–570.
Bernard, M., & Le Moigne, J-L. (1978). La théorie du système général (théorie de la
modélisation). Collection Systèmes-Décisions, 1977. Communication Information,
2(3), 217–218.
Bessant, J., & Francis, D. (1999). Developing strategic continuous improvement capability.
International Journal of Operations & Production Management, 19(11), 1106–1119.
Bhat, J. M. (2013). Adoption of cloud computing by SMEs in India: A study of the institu-
tional factors. In 19th Americas Conference on Information Systems, AMCIS 2013 -
Hyperconnected World: Anything, Anywhere, Anytime (Vol. 1, pp. 271–278). Retrieved
from http://www.scopus.com/inward/record.url?eid=2-s2.0-84893328840&partner
ID=tZOtx3y1
Bhatt, G., Emdad, A., Roberts, N., & Grover, V. (2010). Building and leveraging infor-
mation in dynamic environments: The role of IT infrastructure flexibility as ena-
bler of organizational responsiveness and competitive advantage. Information &
Management, 47(7–8), 341–349.
162 Reference
Bicheno, J. (1994). Cause and effect JIT: The essentials of lean manufacturing. Johannesburg:
Picsie Books.
Bishop, M. (2002). Computer security: Art and science. In the 2nd International Conference
on Bioinformatics and Biomedical Engineering, ICBBE 2008 Boston, MA. https://
doi.org/10.1002/ejoc.201200111
Boar, B. H. (1998). Redesigning the IT organization for the information age. Information
Systems Management, 15(3), 23–30. Retrieved from http://www.tandfonline.com/
doi/abs/10.1201/1078/43185.15.3.19980601/31131.4
Borgman, H. P., Bahli, B., Heier, H., & Schewski, F. (2013). Cloudrise: Exploring cloud
computing adoption and governance with the TOE framework. In Proceedings of
the Annual Hawaii International Conference on System Sciences (pp. 4425–4435)
Maui, HI. https://doi.org/10.1109/HICSS.2013.132
Börjesson, A., Martinsson, F., & Timmerås, M. (2006). Agile improvement practices
in software organizations. European Journal of Information Systems, 15(2),
169–182.
Bottani, E. (2009). A fuzzy QFD approach to achieve agility. International Journal of
Production Economics, 119(2), 380–391.
Bourque, L., & Fielder, E. P. (2003). How to conduct self-administered and mail surveys
(Vol. 3). Thousand Oaks, CA: Sage.
Boyer, L. (2004). Avenir du management et management de l’avenir: La place du métier.
Management & Avenir, 1, 7–21.
Bradley, S. P. (1998). Sense & respond: Capturing value in the network era. Brighton,
MA: Harvard Business School Press. Retrieved from https://books.google.com/
books?id=n17rLNY6ro4C&pgis=1
Brinda, M., & Heric, M. (2017). The changing faces of the cloud. Bain & Company, (Bain
Co.). Retrieved from http://www.bain.com/Images/BAIN_BRIEF_The_Changing_
Faces_of_the_Cloud.pdf%0Ahttp://www.bain.com/publications/articles/the-changing-
faces-of-the-cloud.aspx
Broadbent, M., & Weill, P. (1997). Management by maxim: How business and IT managers
can create IT infrastructures. Sloan Management Review, 38, 77–92.
Broadbent, M., Weill, P., & St. Clair, D. (1999). The implications of information technol-
ogy infrastructure for business process redesign. MIS Quarterly, 23(2), 159–182.
Brooks, P. (2006). Metrics for IT service management. ’s-Hertogenbosch: Van Haren.
Brown, A. E., Grant, G. G., & Sprott, E. (2005). Framing the frameworks: A review of it
governance research. Communications of the Association for Information Systems,
15, 696–712. https://doi.org/Article
Brown, S., & Bessant, J. (2003). The manufacturing strategy-capabilities links in mass cus-
tomisation and agile manufacturing–an exploratory study. International Journal of
Operations & Production Management, 23(7), 707–730.
Bruce, K. (1998). Can you align IT with business strategy? Strategy & Leadership, 26(5),
16–20. https://doi.org/10.1108/eb054620
Brustbauer, J. (2016). Enterprise risk management in SMEs: Towards a structural
model. International Small Business Journal, 34(1), 70–85. https://doi.org/10.1177/
0266242614542853
Buhalis, D. (2004). eAirlines: Strategic and tactical use of ICTs in the airline industry.
Information & Management, 41(7), 805–825.
Butler, B. S., & Gray, P. H. (2006). Reliability, mindfulness, and information systems. Mis
Quarterly, 30, 211–224.
Butt, S. A., Tariq, M. I., Jamal, T., Ali, A., Martinez, J. L. D., & De-La-Hoz-Franco,
E. (2019). Predictive variables for agile development merging cloud comput-
ing services. IEEE Access, 7, 99273–99282. https://doi.org/10.1109/ACCESS.
2019.2929169
Buxmann, P., Diefenbach, H., & Hess, T. (2015). Cloud computing. Die Softwareindustrie,
221–256. https://doi.org/10.1007/978-3-662-45589-0_7
Reference 163
Byrd, T. A., & Turner, D. E. (2000). Measuring the flexibility of information technology infra-
structure: Exploratory analysis of a construct. Journal of Management Information
Systems, 17(1), 167–208. https://doi.org/10.1080/07421222.2000.11045632
Cadete, G. R., & da Silva, M. M. (2017). In M. Themistocleous & V. Morabito (Eds.),
Assessing IT governance processes using a COBIT5 model BT - Information systems.
(pp. 447–460) Cham: Springer International Publishing.
Cao, L., Mohan, K., Xu, P., & Ramesh, B. (2009). A framework for adapting agile devel-
opment methodologies. European Journal of Information Systems, 18(4), 332–343.
Carter, C. B., & Lorsch, J. W. (2004). Back to the drawing board. Boston, MA: Harvard
Business School Press.
Castka, P., Bamber, C. J., Sharp, J. M., Belohoubek, P., Bessant, J., Francis, D., &
Robinson, A. G. (1991). Factors affecting successful implementation of high perfor-
mance teams. International Journal of Operations & Production Management, 19(11),
1106–1119.
Cater-Steel, A. (2009). IT service departments struggle to adopt a service-oriented philoso-
phy. International Journal of Information Systems in the Service Sector (IJISSS),
1(2), 69–77.
Celen, M., & Djurdjanovic, D. (2012). Operation-dependent maintenance scheduling
in flexible manufacturing systems. CIRP Journal of Manufacturing Science and
Technology, 5(4), 296–308.
Cervone, H. F. (2010). An overview of virtual and cloud computing. OCLC Systems &
Services: International Digital Library Perspectives, 26(3), 162–165.
Chamanifard, R., Nikpour, A., Chamanifard, S., & Nobarieidishe, S. (2015). Impact of
organizational agility dimensions on employee’s organizational commitment in
Foreign Exchange Offices of Tejarat Bank, Iran. European Online Journal of Natural
and Social Science, 4(1), 199–207.
Chang, V., De Roure, D., Wills, G., & Walters, R. J. (2011). Case studies and organisa-
tional sustainability modelling presented by cloud computing business framework.
International Journal of Web Services Research, 8(3), 26–53. https://doi.org/10.4018/
IJWSR.2011070102
Changchit, C., & Chuchuen, C. (2018). Cloud computing: An examination of factors
impacting users’ adoption. Journal of Computer Information Systems, 58(1), 1–9.
https://doi.org/10.1080/08874417.2016.1180651
Chemjor, E. M., & Lagat, C. (2017). Determinants of level of cloud computing adoption in
small and medium enterprises in Nairobi county. International Journal of Economics,
Commerce and Management. 5(4), 248–265.
Chen, P. P. S. (1976). The entity-relationship model – Toward a unified view of data. ACM
Transactions on Database Systems (TODS), 1(1), 9–36.
Cheng, T. C., & Podolsky, S. (1996). Just-in-time manufacturing: An introduction. Berlin:
Springer Science & Business Media.
Chenoweth, T., Corral, K., & Demirkan, H. (2006). Seven key interventions for data ware-
house success. Communications of the ACM, 49(1), 114–119.
Chiang, R. H. L., Grover, V., Liang, T.-P., & Zhang, D. (2018). Special issue: Strategic value
of big data and business analytics. Park Drive: Taylor & Francis.
Chin, W. W., Marcolin, B. L., & Newsted, P. R. (2003). A partial least squares latent
variable modeling approach for measuring interaction effects: results from a
Monte Carlo simulation study and an electronic-mail emotion/ adoption study.
Information Systems Research, 14(2), 189–217. https://doi.org/10.1287/isre.
14.2.189.16018
Chiu, T., & Wang, T. D. (2019). The COSO framework in emerging technology envi-
ronments: An effective in-class exercise on internal control. Journal of Emerging
Technologies in Accounting, 16(2), 89–98. https://doi.org/10.2308/jeta-52500
Cho, V., & Chan, A. (2015). An integrative framework of comparing SaaS adoption for
core and non-core business operations: An empirical study on Hong Kong industries.
164 Reference
Information Systems Frontiers, 17(3), 629–644. https://doi.org/10.1007/s10796-013-

9450-9
Chong, A. Y. -L., & Chan, F. T. S. (2012). Structural equation modeling for multi-stage
analysis on Radio Frequency Identification (RFID) diffusion in the health care indus-
try. Expert Systems with Applications, 39(10), 8645–8654. https://doi.org/10.1016/
j.eswa.2012.01.201
Chong, A. Y.-L., Ooi, K.-B., Lin, B., & Raman, M. (2009). Factors affecting the adop-
tion level of c-commerce: An empirical study. The Journal of Computer Information
Systems, 50(2), 13–22. https://doi.org/10.1080/08874417.2009.11645380
Chong, S., & Bauer, C. (2000). Association for information systems AIS electronic library
(AISeL). A model of factor influences on electronic commerce adoption and diffu-
sion in small-and medium-sized enterprises. Retrieved from http://aisel.aisnet.org/
pacis2000%0Ahttp://aisel.aisnet.org/pacis2000/23
Chung, S. H., Rainer, R. K. Jr, & Lewis, B. R. (2003). The impact of information tech-
nology infrastructure flexibility on strategic alignment and application implementa-
tions. Communications of the Association for Information Systems, 11(1), 11.
Chwelos, P., Benbasat, I., & Dexter, A. S. (1890). Empirical test of an EDI adoption model
empirical test of an EDI adoption model. Information Systems Research, 2(604),
304–321.
Ciborra, C. U. (2009). From thinking to tinkering: The grassroots of strategic information
systems. In C. Avgerou, G. Francesco, L. Leslie, & P. Willcocks (Eds.), Bricolage,
care and information (pp. 206–220). London: Palgrave Macmillan. https://doi.
org/10.1057/9780230250611_10
Clark, C. E., Cavanaugh, N. C., Brown, C. V, & Sambamurthy, V. (1997). Building change-
readiness capabilities in the IS organization: Insights from the Bell Atlantic experi-
ence. MIS Quarterly, 21, 425–455.
Conboy, K. (2009). Agility from first principles: Reconstructing the concept of agility in
information systems development. Information Systems Research, 20(3), 329–354.
https://doi.org/10.1287/isre.1090.0236
Conboy, K., & Fitzgerald, B. (2004). Toward a conceptual framework of agile methods:
a study of agility in different disciplines. Proceedings of the 2004 ACM Workshop
on Interdisciplinary Software Engineering Research, 37–44. Newport Beach, CA.
https://doi.org/10.1145/1029997.1030005
Couger, J. D., Zawacki, R. A., & Oppermann, E. B. (1979). Motivation levels of MIS man-
agers versus those of their employees. MIS Quarterly, 3, 47–56.
Cragg, P., Caldeira, M., & Ward, J. (2011). Organizational information systems compe-
tences in small and medium-sized enterprises. Information & Management, 48(8),
353–363. https://doi.org/https://doi.org/10.1016/j.im.2011.08.003
Crook, C. W., & Kumar, R. L. (1998). Electronic data interchange: a multi-industry investi-
gation using grounded theory. Information & Management, 34(2), 75–89. https://doi.
org/10.1016/S0378-7206(98)00040-8
Crosby, P. B. (1979). Quality is free: The art of making quality certain (Vol. 94). New York,
NY: McGraw-hill.
Cui, Y., Kara, S., & Chan, K. C. (2020). Manufacturing big data ecosystem: A systematic
literature review. Robotics and Computer-Integrated Manufacturing, 62, 101861.
Csillag, J. M. (1988). World class manufacturing: the lessons of simplicity applied. Revista
de Administração de Empresas, 28(1), 55–58.
Cumps, B., Viaene, S., Dedene, G., & Vandenbulcke, J. (2006). An empirical study on
business/ICT alignment in European organisations. In Proceedings of the Annual
Hawaii International Conference on System Sciences (Vol. 8(C), pp. 1–10). Kauia,
HI. https://doi.org/10.1109/HICSS.2006.53
Currie, A. R., Mcconnell, A., Parr, G. P., McClean, S. I., & Khan, K. (2014). Truesource:
A true performance for hierarchical cloud monitoring. In Proceedings of the
Reference 165
2014 IEEE/ACM 7th International Conference on Utility and Cloud Computing

(pp. 980–985). London, UK https://doi.org/10.1109/UCC.2014.161
Cusumano, M. A. (1994). The limits of “ Lean”. Sloan Management Review, 35, 27.
Dahlberg, T., & Kivijärvi, H. (2006). An integrated framework for IT governance and
the development and validation of an assessment instrument. In 39th Hawaii
International Conference on System Sciences (pp. 1–10). Kauia, HI, USA. https://
doi.org/10.1109/HICSS.2006.57
Dahlberg, T., & Lahdelma, P. (2007). IT governance maturity and IT outsourcing degree: An
exploratory study. In Proceedings of the Annual Hawaii International Conference on
System Sciences (pp. 1–10). Waikoloa, HI. https://doi.org/10.1109/HICSS.2007.306
Dalenogare, L. S., Benitez, G. B., Ayala, N. F., & Frank, A. G. (2018). The expected contri-
bution of industry 4.0 technologies for industrial performance. International Journal
of Production Economics, 204, 383–394.
Daniel, E. M., & White, A. (2005). The future of inter-organisational system linkages:
findings of an international Delphi study. European Journal of Information Systems,
14(2), 188–203.
Darke, P., Shanks, G., & Broadbent, M. (1998). Successfully completing case study research:
combining rigour, relevance and pragmatism. Information Systems Journal, 8(4),
273–289. https://doi.org/10.1046/j.1365-2575.1998.00040.x
Dave, U., & Arthur, Y. (2019). Agility: The new response to dynamic change. Strategic HR
Review, 18(4), 161–167. https://doi.org/10.1108/SHR-04-2019-0032
Dedrick, J., & West, J. (2004). An exploratory study into open source platform adoption. In
Proceedings of the 37th Annual Hawaii International Conference on System Sciences
(p. 10). Big Island, HI. https://doi.org/10.1109/HICSS.2004.1265633
De Haes, S., & Van Grembergen, W. (2013). Improving enterprise governance of IT in a
major airline: A teaching case. Journal of Information Technology Teaching Cases,
3(2), 60–69.
De Haes, S., Van Grembergen, W., & Debreceny, R. S. (2013). COBIT 5 and enterprise
governance of information technology: Building blocks and research opportunities.
Journal of Information Systems, 27(1), 307–324. https://doi.org/10.2308/isys-50422
De Haes, S., Van Grembergen, W., Joshi, A., & Huygh, T. (2020). COBIT as a framework
for enterprise governance of IT In S. De Haes, W. Van Grembergen, A. Joshi, &
T. Huygh (Eds.), Enterprise Governance of Information Technology: Management for
Professionals. Charm: Springer. https://doi.org/10.1007/978-3-030-25918-1_5
Deloitte, A. G. (2015). Industry 4.0 challenges and solutions for the digital transformation
and use of exponential technologies. McKinsey Global Institute, 13, 1–16.
Deming, W. E. (2000). Out of the Crisis. Cambridge, MA: MIT press.
Dennis, A. R., George, J. F., Jessup, L. M., Nunamaker, J. F. Jr, & Vogel, D. R.
(1988). Information technology to support electronic meetings. MIS Quarterly,
12, 591–624.
Dertouzos, M. L., Lester, R. K., & Solow, R. M. (1989). Made in America. Cambridge,
MA: MIT Press.
Desouza, K. C., & Awazu, Y. (2006). Knowledge management at SMEs: Five peculiarities.
Journal of Knowledge Management, 10(1), 32–43. Retrieved from https://www.emer-
ald.com/insight/content/doi/10.1108/13673270610650085/full/html
DeToro, R. T., & Teener, A. R. (1992). Total quality management: Three steps to continuous
improvement. Boston, MA: Addison Wesley Publishing Company, Inc.
Dibbern, J., Goles, T., Hirschheim, R., & Jayatilaka, B. (2004). Information systems out-
sourcing: A survey and analysis of the literature. ACM SIGMIS Database: The
DATABASE for Advances in Information Systems, 35(4), 6–102.
Dillon, T., Wu, C., & Chang, E. (2010). Cloud computing: Issues and challenges. In 24th
IEEE International Conference on Advanced Information Networking and Applications
(pp. 27–33). Perth, Australia https://doi.org/10.1109/AINA.2010.187
166 Reference
Dove, R. (1992). The 21st century manufacturing enterprise strategy – Volume 2 (pp. 1–8).
Bethlehem, PA: Japan Management Association Research.
Dove, R. (1991). The 21st century manufacturing enterprise strategy. Iacocca Institute,
Lehigh University.
Dove, R. (1995). Rick dove agility forum best agile practice reference base – 1994: Challenge
models and benchmarks Rick Dove. In 4th Annual Agility Conference. Director
Strategic Analysis, Agility Forum, Bethlehem, PA.
Dove, R. (2002). Response ability: The language, structure, and culture of the agile enter-
prise. Hoboken, NJ: John Wiley & Sons.
Drucker, P. F. (1995). The new productivity challenge. Quality in Higher Education, 37, 45–53.
Duncan, N. B. (1995). Capturing flexibility of information technology infrastructure: A study
of resource characteristics and their measure. Journal of Management Information
Systems, 12(2), 37–57. Retrieved from http://www.jstor.org/stable/40398165
Dybå, T., & Dingsøyr, T. (2008). Empirical studies of agile software development: A sys-
tematic review. Information and Software Technology, 50(9–10), 833–859.
Ebert, C., Gallardo, G., Hernantes, J., & Serrano, N. (2016). DevOps. Ieee Software, 33(3),
94–100.
Elhasnaoui, S., Medromi, H., Chakir, A., & Sayouti, A. (2015). A new IT governance
architecture based on multi agents system to support project management. In
International Conference on Electrical and Information Technologies (ICEIT)
(pp. 43–46). Marrakech, Morocco. https://doi.org/10.1109/EITech.2015.7162957
Evans, J. S. (1991). Strategic flexibility for high technology manoeuvres: A conceptual
framework. Journal of Management Studies, 28(1), 69–89.
Faul, F., Erdfelder, E., Lang, A.-G., & Buchner, A. (2007). G* Power 3: A flexible statistical
power analysis program for the social, behavioral, and biomedical sciences. Behavior
Research Methods, 39(2), 175–191.
Fernando, N., Loke, S. W., & Rahayu, W. (2013). Mobile cloud computing: A survey.
Future Generation Computer Systems, 29(1), 84–106. https://doi.org/10.1016/
j.future.2012.05.023
Fichman, R. (2004). Going beyond the dominant paradigm for information technology
innovation research: Emerging Concepts. Journal of the Association for Information
Systems, 5(8), 314–355. https://doi.org/Article
Fink, L., & Neumann, S. (2009). Taking the high road to web services implementation: An
exploratory investigation of the organizational impacts. ACM SIGMIS Database:
The DATABASE for Advances in Information Systems, 40(3), 84–108.
Foddy, W., & Foddy, W. H. (1994). Constructing questions for interviews and questionnaires:
Theory and practice in social research. Cambridge: Cambridge University Press.
Foster, I., Zhao, Y., Raicu, I., & Lu, S. (2008). Cloud computing and grid computing
360-degree compared. In Grid Computing Environments Workshop, GCE 2008.
Austin, TX https://doi.org/10.1109/GCE.2008.4738445
Foster, R., & Kaplan, S. (2001). Creative destruction, from built-to-last to built-to-perform.
London: Pearson Education Limited.
Fowler, M., & Highsmith, J. (2001). The agile manifesto. Software Development, 9(8), 28–35.
Frank, A. G., Dalenogare, L. S., & Ayala, N. F. (2019). Industry 4.0 technologies:
Implementation patterns in manufacturing companies. International Journal of
Production Economics, 210, 15–26.
Friedman, T. L. (2005). The world is flat, A brief history of the twenty-first century. 1–10.
Friedman, T. L. (2015). It’s a flat world after all. Internal Audit Reports Post Sarbanes-
Oxley, 3, 149–150.
Galliers, R. D. (1991). Strategic information systems planning: myths, reality and guidelines
for successful implementation. European Journal of Information Systems, 1(1), 55–64.
Galliers, R. D. (2006). Strategizing for agility: Confronting information. Agile Information
Systems, 1.
Reference 167
Gallupe, R. B., DeSanctis, G., & Dickson, G. W. (1988). Computer-based support for
group problem-finding: An experimental investigation. MIS Quarterly, 12, 277–296.
Garrison, G., Kim, S., & Wakefield, R. L. (2012). Success factors for deploying cloud comput-
ing. Communications of the ACM, 55(9), 62. https://doi.org/10.1145/2330667.2330685
Gartner. (2017). Gartner insights on how and why leaders must implement cloud comput-
ing cloud strategy leadership have you or your cio expressed any of these concerns?
Retrieved from http://www.gartner.com/imagesrv/books/cloud/cloud_strategy_lead-
ership.pdf
Gebauer, J., & Lee, F. (2008). Enterprise system flexibility and implementation strategies:
Aligning theory with evidence from a case study. Information Systems Management,
25(1), 71–82.
Gene, K., Jez, H., Patrick, D., & John, W. (2016). The DevOps handbook. How to create
world-class agility, reliability & security in technology organizations. Portland, OR:
IT Revolution.
Gerth, A. B., & Rothman, S. (2007). The future IS organization in a flat world. Information
Systems Management, 24(2), 103–111.
Ghobakhloo, M. (2018). The future of manufacturing industry: A strategic roadmap
toward industry 4.0. Journal of Manufacturing Technology Management, 29(6),
910–936. https://doi.org/10.1108/JMTM-02-2018-0057.
Ghobakhloo, M., Arias-Aranda, D., & Benitez-Amado, J. (2011). Adoption of e-commerce
applications in SMEs. In Industrial management and data systems (Vol. 111). Bingley:
Emerald. https://doi.org/10.1108/02635571111170785
Goldman, S. L. (1994). ‘Agile manufacturing concept’. In Coupling technology to national
need (Vol. 2102, pp. 30–40). Bellingham, WA: International Society for Optics and
Photonics.
Goldman, S. L., & Nagel, R. N. (1993). Management, technology and agility: The emergence
of a new era in manufacturing. International Journal of Technology Management, 8,
18–38. https://doi.org/10.1504/IJTM.1993.025758
Goldman, S. L., Nagel, R. N., & Preiss, K. (1995). Agile competitors and virtual organizations:
Strategies for enriching the customer (Vol. 8). New York, NY: Van Nostrand Reinhold.
Gong, C., Liu, J., Zhang, Q., Chen, H., & Gong, Z. (2010). The characteristics of cloud
computing. In 39th International Conference on Parallel Processing Workshops
(pp. 275–279). San Diego, CA. https://doi.org/10.1109/ICPPW.2010.45
Goodhue, D. L., Quillard, J. A., & Rockart, J. F. (1988). Managing the data resource: A
contingency perspective. MIS Quarterly, 12, 373–392.
Goranson, H. T., & Goranson, T. (1999). The agile virtual enterprise: cases, metrics, tools.
Westport, CT: Greenwood Publishing Group.
Goscinski, A., & Brock, M. (2010). Toward dynamic and attribute based publication, dis-
covery and selection for cloud computing. Future Generation Computer Systems,
26(7), 947–970. https://doi.org/https://doi.org/10.1016/j.future.2010.03.009
Goyal, A., & Dadizadeh, S. (2009). A survey on cloud computing. Technical Report for CS,
58, December, pp. 55–58. https://doi.org/10.17148/IJARCCE.2016.54261
Grandon, E. E., & Pearson, J. M. (2004). Electronic commerce adoption: an empirical
study of small and medium US businesses. Information & Management, 42(1),
197–216. https://doi.org/https://doi.org/10.1016/j.im.2003.12.010
Grant, G., Brown, A., Uruthirapathy, A., Mcknight, S., & Grant, G. G. (2007). Association
for information systems AIS electronic Library (AISeL). An extended model of
IT governance: A conceptual proposal. In Proceedings of AMCIS 2007 (p. 215).
Keystone, CO. Retrieved from http://aisel.aisnet.org/amcis2007%0Ahttp://aisel.ais-
net.org/amcis2007/215
Greenhalgh, T., Robert, G., Macfarlane, F., Bate, P., & Kyriakidou, O. (2004). Diffusion of
innovations in service organizations: Systematic review and recommendations. The
Milbank Quarterly, 82(4), 581–629.
168 Reference
Gregor, S., & Benbasat, I. (1999). Explanations from intelligent systems: Theoretical foun-
dations and implications for practice. MIS Quarterly, 23, 497–530.
Group, O. M. (1997). The common object request broker: Architecture and specification,
revision 2.0. February. Retrieved from https://www.omg.org/spec/CORBA/3.4/
Beta1/About-CORBA.rdf
Guldentops, E. (2002). Governing information technology through CobiT BT. In
M. Gertz, E. Guldentops, & L. Strous (Eds.), Integrity, internal control and secu-
rity in information systems: Connecting Governance and Technology (pp. 115–159).
Boston, MA: Springer. https://doi.org/10.1007/978-0-387-35583-2_8
Gunasekaran, A. (1999). Agile manufacturing: A framework for research and develop-
ment. International Journal of Production Economics, 62(1), 87–105. https://doi.
org/10.1016/S0925-5273(98)00222-9
Gunasekaran, A., & Yusuf, Y. Y. (2002). Agile manufacturing: A taxonomy of strategic
and technological imperatives. International Journal of Production Research, 40(6),
1357–1385. https://doi.org/10.1080/00207540110118370
Gupta, P., Seetharaman, A., & Raj, J. R. (2013). The usage and adoption of cloud com-
puting by small and medium businesses. International Journal of Information
Management, 33(5), 861–874.
Hagel, J., & Brown, J. S. (2003). From tightly bound to loosely coupled. Software
Development-San Francisco, 11(9), 39.
Hagel, J., & Brown, J. S. (2001). Your next IT strategy. Harvard Business Review, 79(9),
105–115.
Hagel, J., & Brown, J. S. (2003). The agile dance of architectures – Reframing IT enabled
business opportunities. SAP design guild, Edition on composite applications.
Halawi, L. A., Aronson, J. E., & McCarthy, R. V. (2005). Resource-based view of knowl-
edge management for competitive advantage. The Electronic Journal of Knowledge
Management, 3(2), 75.
Halpin, T. A. (2001). Microsoft’s new database modeling tool: Part 8. Journal of Conceptual
Modeling, 20. Retrieved from http://www.orm.net/pdf/jcm2002dec.pdf
Hank, M. (2006). ITIL: What it is and what it isn’t. Business Communications Review,
36(12), 49.
Hansen-Magnusson, H. (2010). Governance in the European Union: The European blood
directive as an evolving practice. Clinics in Laboratory Medicine, 30(2), 489–497.
Hasselbring, W. (2000). Information system integration. Communications of the ACM,
43(6), 32–38. https://doi.org/10.1145/336460.336472
Hayes, D. C., Hunton, J. E., & Reck, J. L. (2001). Market reaction to ERP implementation
announcements. Journal of Information Systems, 15(1), 3–18.
Heeks, R., Foster, C., & Nugroho, Y. (2014). New models of inclusive innovation for
development. Oxford: University of Oxford.
Hemlata, G., Hema, D., & Ramaswamy, R. (2015). Understanding determinants of
cloud computing adoption using an integrated TAM-TOE model. Journal of
Enterprise Information Management, 28(1), 107–130. https://doi.org/10.1108/
JEIM-08-2013-0065
Hiererra, S. E. (2012). Assessment of IT governance using COBIT 4.1 framework methodol-
ogy: Case study university IS development in IT directorate. Masters Thesis, BINUS
University, Jakarta, Indonesia.
Ho, S. K. M. (1999a). Change for the better via ISO 9000 and TQM. Management Decision,
37(4), 381–388.
Ho, S. K. M. (1999b). Total learning organisation. The Learning Organization, 6(3),
116–120.
Hobbs, B., & Petit, Y. (2017). Agile methods on large projects in large organizations. Project
Management Journal, 48(3), 3–19.
Reference 169
Hoberg, P., Wollersheim, J., & Krcmar, H. (2012). The business perspective on cloud
computing-a literature review of research on cloud computing. In AMCIS 2012
Proceedings, Paper 5. Seattle, WA
Hohpe, G., & Woolf, B. (2004). Enterprise integration patterns: Designing, building, and
deploying messaging solutions. Boston, MA: Addison-Wesley Professional.
Holmqvist, M., & Pessi, K. (2006). Agility through scenario development and continuous
implementation: A global aftermarket logistics case. European Journal of Information
Systems, 15(2), 146–158.
Hong, W., Thong, J. Y., Chasalow, L. C., & Dhillon, G. (2011). User acceptance of
agile information systems: A model and empirical test. Journal of Management
Information Systems, 28(1), 235–272.
Hooper, M. J., & Steeple, D. (1997). Agile manufacturing-manufacturing for the new mil-
lennium-a critical review. In IEEE Portland International Conference on Management
and Technology Innovation in Technology Management-The Key to Global Leadership
(PICMET’97) (pp. 635–637). Portland, OR
Hormozi, A. M. (2001). Agile manufacturing: The next logical step. Benchmarking: An
International Journal, 8(2), 132–143.
Hsu, P.-F., Kraemer, K. L., & Dunkle, D. (2006). Determinants of e-business use in
U.S. firms. International Journal of Electronic Commerce, 10(4), 9–45. https://doi.
org/10.2753/JEC1086-4415100401
Humble, J., & Farley, D. (2010). Continuous delivery: Reliable software releases through
build, test, and deployment automation. New York, NY: Pearson Education.
Hsu, P.-F., Ray, S., & Li-Hsieh, Y.-Y. (2014). Examining cloud computing adoption
intention, pricing mechanism, and deployment model. International Journal of
Information Management, 34(4), 474–488. https://doi.org/https://doi.org/10.1016/
j.ijinfomgt.2014.04.006
Ifinedo, P. (2011a). Internet/e-business technologies acceptance in Canada’s SMEs:
an exploratory investigation. Internet Research, 21(3), 255–281. https://doi.
org/10.1108/10662241111139309
Ifinedo, P. (2011b). An empirical analysis of factors influencing internet/e-business
technologies adoption by SMES in Canada. International Journal of Information
Technology & Decision Making, 10(04), 731–766. https://doi.org/10.1142/
S0219622011004543
Imache, R., Izza, S., & Ahmed-Nacer, M. (2012). An enterprise information system agil-
ity assessment model. Computer Science and Information Systems, 9(1), 107–133.
https://doi.org/10.2298/CSIS101110041I
Imai, K., Nonaka, I., & Takeuchi, H. (1984). Managing the new product development pro-
cess: How Japanese companies learn and unlearn. Boston, MA: Division of Research,
Harvard Business School.
ISACA. (2012). COBIT 5: A business framework for the governance and management of enter-
prise IT. Rolling Meadows, IL: Information Systems Audit and Control Association.
Isakowitz, T., Stohr, E. A., & Balasubramanian, P. (1995). RMM: A methodology for
structured hypermedia design. Communications of the ACM, 38(8), 34–44.
Ishikawa, D. K. (1985). What Is total quality control?: The Japanese way (business manage-
ment). Upper Sadle River, NJ: Prentice Hall Trade.
ITGI. (2007). COBIT mapping overview of international IT guidance (2nd ed.). Rolling
Meadows, IL: IT Governance Institute.
Jacobson, I., Booch, G., & Rumbaugh, J. (1999). The unified software development process.
Addison-Wesley Longman Publishing Co., Inc.
Jacobson, I., Booch, G., & Rumbaugh, J. (1999). The unified process. IEEE Software, 16(3), 96.
Izza, S., & Imache, R. (2010). An approach to achieve IT agility by combining SOA with ITSM.
International Journal of Information Technology and Management, 9(4), 423–445.
170 Reference
James-Moore, S. M., & Gibbons, A. (1997). Is lean manufacture universally relevant?

An investigative methodology. International Journal of Operations & Production
Management, 17(9), 899–911.
Joachim, N., Beimborn, D., & Weitzel, T. (2013). The influence of SOA governance mech-
anisms on IT flexibility and service reuse. The Journal of Strategic Information
Systems, 22(1), 86–101.
Juran, J. M. (1986). The quality trilogy. Quality Progress, 19(8), 19–24.
Kale, E., Aknar, A., & Başar, Ö. (2018). Absorptive capacity and firm performance:
The mediating role of strategic agility. International Journal of Hospitality
Management. 78, 276–283.
Kalle, L., & Rose, G. M. (2003). Disruptive information system innovation: The case of
internet computing. Information Systems Journal, 13(4), 301–330. https://doi.org/
doi:10.1046/j.1365-2575.2003.00155.x
Kaplan, B., & Duchon, D. (1988). Combining qualitative and quantitative methods in
information systems research: A case study’. MIS Quarterly, 12(4), 571–586.
Kaplan, R. S., Kaplan, R. S., Norton, D. P., & Norton, D. P. (1996). The balanced score-
card: Translating strategy into action. Boston, MA: Harvard Business Press.
Kasper, G. M. (1996). A theory of decision support system design for user calibration.
Information Systems Research, 7(2), 215–232.
Kaur, S. P., Kumar, J., & Kumar, R. (2017). The relationship between flexibility of manu-
facturing system components, competitiveness of smes and business performance: A
study of manufacturing SMEs in Northern India. Global Journal of Flexible Systems
Management, 18(2), 123–137. https://doi.org/10.1007/s40171-016-0149-x
Kearney, P. M., Whelton, M., Reynolds, K., Muntner, P., Whelton, P. K., & He, J. (2005).
Global burden of hypertension: analysis of worldwide data. The Lancet, 365(9455),
217–223.
Keen, P. G. W. (1978). Decision support systems: An organizational perspective. Boston,
MA: Addison Wesley.
Kets de Vries, M. F. R., & Balazs, K. (1998). Beyond the quick fix:: The psychodynamics
of organizational transformation and change. European Management Journal, 16(5),
611–622. https://doi.org/https://doi.org/10.1016/S0263-2373(98)00037-1
Kidd, P. T. (1994). Agile manufacturing: Key issues. In Conference on the human aspects
of advanced manufacturing. Retrieved from www. Cheshirehenbury.com/Agility/
Ampapers.html.
Kidd, P. T. (1995). Agile manufacturing: Forging new frontiers. Boston, MA: Addison-
Wesley Longman Publishing Co., Inc.
Kidd, P. T. (1996). Agile manufacturing: A strategy for the 21st century. In IEE Colloquium
on Agile Manufacturing. Digest No.1995/179 (pp. 1–6). Retrieved from www.
Cheshirehenbury.com/Agility/Ampapers.html.
Kim, K. H., Beloglazov, A., & Buyya, R. (2009). Power-aware provisioning of cloud
resources for real-time services. In Proceedings of the 7th International Workshop on
Middleware for Grids, Clouds and e-Science (Vol. 1, pp. 1–16). Urbana Champaign,
IL. https://doi.org/10.1145/1657120.1657121
Kim, W. (2009). Cloud computing: Status and prognosis. Journal of Object Technology,
8(1), 65–72.
Kim, Y. T., Park, D. G., Kang, J., & Seo, K. S. (2008). Development of patch type sen-
sor module for real-time monitoring of heart rate and agility index. Proceedings of
IEEE Sensors, June, 1151–1154.
Klapwijk, T. M. (2004). Proximity effect from an Andreev perspective. Journal of
Superconductivity, 17(5), 593–611.
Klein, R. (2012). Assimilation of Internet-based purchasing applications within medical
practices. Information & Management, 49(3), 135–141. https://doi.org/https://doi.
org/10.1016/j.im.2012.02.001
Reference 171
Knapp, K., Morris, R., E. Marshall, T., & Byrd, T. (2009). Information security policy: An
organizational-level process model. In Computers & Security, 28, 493–508. https://
doi.org/10.1016/j.cose.2009.07.001
Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions
and institutional evolution. Telecommunications Policy, 37(4), 372–386. https://doi.
org/https://doi.org/10.1016/j.telpol.2012.04.011
Kuan, K. K. Y., & Chau, P. Y. K. (2001). A perception-based model for EDI adoption
in small businesses using a technology–organization–environment framework.
Information & Management, 38(8), 507–521. https://doi.org/https://doi.org/10.1016/
S0378-7206(01)00073-8
Kumar, R. L., & Stylianou, A. C. (2014). A process model for analyzing and managing
flexibility in information systems. European Journal of Information Systems, 23(2),
151–184. https://doi.org/10.1057/ejis.2012.53
Kumbakara, N. (2008). Managed IT services: The role of IT standards. Information
Management and Computer Security, 16(4), 336–359. https://doi.org/10.1108/
09685220810908778.
Kunio, T. (2010). NEC cloud computing system. NEC Technical Journal, 5(2), 10–15.
Lacity, M. C., Willcocks, L. P., & Feeny, D. F. (1996). The value of selective IT sourcing.
Sloan Management Review, 37, 13–25.
Lahtela, A., Jäntti, M., & Kaukola, J. (2010). Implementing an ITIL-based IT service
management measurement system. In 4th International conference on digital society,
ICDS 2010, Includes CYBERLAWS 2010: The 1st International conference on tech-
nical and legal aspects of the e-society, St. Maarten, Netherlands. IEEE, pp. 249–254.
Landry, M., & Banville, C. (1992). A disciplined methodological pluralism for MIS
research. Accounting, Management and Information Technologies, 2(2), 77–97.
Lee, G., & Xia, W. (2005). The ability of information systems development project teams
to respond to business and technology changes: A study of flexibility measures.
European Journal of Information Systems, 14(1), 75–92.
Lee, S., & Kim, K. (2007). Factors affecting the implementation success of Internet-based
information systems. Computers in Human Behavior, 23(4), 1853–1880. https://doi.
org/https://doi.org/10.1016/j.chb.2005.12.001
Lengnick-Hall, C. A., Beck, T. E., & Lengnick-Hall, M. L. (2011). Developing a capac-
ity for organizational resilience through strategic human resource management.
Human Resource Management Review, 21(3), 243–255. https://doi.org/https://doi.
org/10.1016/j.hrmr.2010.07.001
Li, Y., Jia, X., Chen, Y., & Yin, C. (2014). Frequency agility MIMO-SAR imaging and anti-
deception jamming performance. In 2014 31th URSI general assembly and scientific
symposium, URSI GASS 2014, Beijing, China, pp. 1–4.
Li, Z., Zhang, H., O’Brien, L., Cai, R., & Flint, S. (2013). On evaluating commercial Cloud
services: A systematic review. Journal of Systems and Software, 86(9), 2371–2393.
Lian, J.-W., Yen, D. C., & Wang, Y.-T. (2014). An exploratory study to understand the
critical factors affecting the decision to adopt cloud computing in Taiwan hospi-
tal. International Journal of Information Management, 34(1), 28–36. https://doi.org/
https://doi.org/10.1016/j.ijinfomgt.2013.09.004
Lietz, P. (2008). Questionnaire design in attitude and opinion research: Current state of an
art. Citeseer. Retrieved from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.
1.1.477.1797&rep=rep1&type=pdf
Lim, K. H. (2009). Knowledge management systems diffusion in Chinese enterprises: A
multistage approach using the technology-organization-environment framework.
Journal of Global Information Management (JGIM), 17(1), 70–84.
Lim, S. (2014). Impact of information technology infrastructure flexibility on the com-
petitive advantage of small and medium sized-enterprises. Journal of Business &
Management, 3(1), 1–12. https://doi.org/10.12735/jbm.v3i1p1
172 Reference
Lin, A., & Chen, N.-C. (2012). Cloud computing as an innovation: Percepetion, attitude,
and adoption. International Journal of Information Management, 32(6), 533–540.
https://doi.org/https://doi.org/10.1016/j.ijinfomgt.2012.04.001
Lin, H.-F., & Lin, S.-M. (2008). Determinants of e-business diffusion: A test of the tech-
nology diffusion perspective. Technovation, 28(3), 135–145. https://doi.org/https://
doi.org/10.1016/j.technovation.2007.10.003
Lippert, S. K., & Govindrajulu, C. (2006). Technological, organizational, and environ-
mental antecedents to web services adoption. Communications of the IIMA, 6(1),
146–158. https://doi.org/10.1017/CBO9781107415324.004
Lohr, B. S. (2007). Google and I.B.M. Join in ‘cloud computing’ research. New York Times,
October 8, pp. 9–10.
Low, C., Wu, M., & Chen, Y. (2011). Understanding the determinants of cloud computing
adoption. Industrial Management & Data Systems, 111(7), 1006–1023. https://doi.
org/10.1108/02635571111161262
Lowenstein, D., & Slater, C. (2016). Reducing the cost of test through strategic asset man-
agement. In AUTOTESTCON (Proceedings), Anaheim, Canada: IEEE, pp. 1–5.
Luo, X., Gurung, A., & Shim, J. P. (2010). Understanding the determinants of user
acceptance of enterprise instant messaging: An empirical study. Journal of
Organizational Computing and Electronic Commerce, 20(2), 155–181. https://doi.
org/10.1080/10919391003709179
Lynn, T., Liang, X., Gourinovitch, A., Morrison, J. P., Fox, G., & Rosati, P. (2018, January).
Understanding the determinants of cloud computing adoption for high performance
computing. In 51st Hawaii International Conference on System Sciences (HICSS-
51) (pp. 3894–3903). University of Hawai’i at Manoa.
Lyytinen, K., & Damsgaard, J. (2011). Inter-organizational information systems adoption–
a configuration analysis approach. European Journal of Information Systems, 20(5),
496–509.
Lyytinen, K., & Rose, G. M. (2003). The disruptive nature of information technology inno-
vations: the case of internet computing in systems development organizations. MIS
Quarterly, 27, 557–596.
Ma, Q., Pearson, J. M., & Tadisina, S. (2005). An exploratory study into factors of service
quality for application service providers. Information & Management, 42(8), 1067–1080.
Maas, J. (1998). Leveraging the new infrastructure: How market leaders capitalize on infor-
mation technology. MIT Sloan Management Review, 40(1), 104.
Mack, N., Woodsong, C., MacQueen, K. M., Guest, G., & Namey, E. (2005). Qualitative research
methods: A data collectors field guide. Durham, NC: Family Health International.
Maes, K., De Haes, S., & Van Grembergen, W. (2013). Investigating a process approach
on business cases: An exploratory case study at Barco. International Journal of IT/
Business Alignment and Governance (IJITBAG), 4(2), 37–53.
Markus, M. L., & Benjamin, R. I. (1996). Change agentry-the next IS frontier. MIS
Quarterly, 20, 385–407.
Marrone, M., Gacenga, F., Cater-Steel, A., & Kolbe, L. (2014). IT service management:
A cross-national study of ITIL adoption. Communications of the Association for
Marrone, M., & Kolbe, L. M. (2011). Uncovering ITIL claims: IT executives’ percep-
tion on benefits and Business-IT alignment. Information Systems and E-Business
Management, 9(3), 363–380. https://doi.org/10.1007/s10257-010-0131-7
Marston, S, Bandyopadhyay, S., & Ghalsasi, A. (2011). Cloud computing – The business
perspective. In 44th Hawaii International Conference on System Sciences (pp. 1–11).
Hawaii, USA https://doi.org/10.1109/HICSS.2011.102
Marston, S., Li, Z., Bandyopadhyay, S., Zhang, J., & Ghalsasi, A. (2011). Cloud comput-
ing – The business perspective. Decision Support Systems, 51(1), 176–189. https://
doi.org/10.1016/j.dss.2010.12.006
Reference 173
Martens, B., & Teuteberg, F. (2012). Decision-making in cloud computing environments: A

cost and risk based approach. Information Systems Frontiers, 14(4), 871–893. https://
doi.org/10.1007/s10796-011-9317-x
Mason, R. O., & Mitroff, I. I. (1973). A program for research on management infor-
mation systems. Management Science, 19(5), 475–487. https://doi.org/10.1287/
mnsc.19.5.475
Mason-Jones, R., & Towill, D. R. (1999). Using the information decoupling point to improve
supply chain performance. The International Journal of Logistics Management, 10(2),
13–26.
Maximini, D., Maximini, & Rauscher. (2018). Scrum culture. Berlin: Springer.
Mazhelis, O., & Tyrväinen, P. (2012). Economic aspects of hybrid cloud infrastructure:
User organization perspective. Information Systems Frontiers, 14(4), 845–869.
https://doi.org/10.1007/s10796-011-9326-9
McAvoy, J., Nagle, T., & Sammon, D. (2013). Using mindfulness to examine ISD agility.
Information Systems Journal, 23(2), 155–172.
McCann, J., Selsky, J., & Lee, J. (2009). Building agility, resilience and performance in tur-
bulent environments. People & Strategy, 32(3), 44–51.
McCarthy, I., & Tsinopoulos, C. (2003). Strategies for agility: An evolutionary and configu-
rational approach. Integrated Manufacturing Systems, 14(2), 103–113.
McNally, W. (1993). Total quality management. Three steps to continuous improvement.
Journal of the Operational Research Society, 44(1), 91–92.
McNaughton, B., Ray, P., & Lewis, L. (2010). Designing an evaluation framework for IT
service management. Information & Management, 47(4), 219–225.
Meredith, S., & Francis, D. (2000). Journey towards agility: The agile wheel explored. The
TQM Magazine, 12(2), 137–143.
Melarkode, A., From Poulsen, M., & Warnakulasuriya, S. (2004). Delivering agility
through IT. Business Strategy Review, 15(3), 45–50.
Metheny, M. (2013). Federal cloud computing. In Federal cloud computing (pp. 71–102).
Amsterdam: Elsevier. https://doi.org/10.1016/B978-1-59-749737-4.00004-6
Meziani, R., & Saleh, I. (2010). E-government: ITIL-based service management case study.
In IiWAS2010 – 12th International conference on information integration and web-
based applications and services, Munich, Germany, pp. 509–516.
Mingers, J. (2001). Combining IS research methods: Towards a pluralist methodology.
Mintzberg, H. (1973). The nature of managerial work. London: Pearson.
Misra, S. C., & Mondal, A. (2011). Identification of a company’s suitability for the adop-
tion of cloud computing and modelling its corresponding Return on Investment.
Mathematical and Computer Modelling, 53(3–4), 504–521. https://doi.org/10.1016/
j.mcm.2010.03.037
Montalbano, E. (2012). Feds refine cloud security standards. InformationWeek. Retrieved
from https://www.informationweek.com/cloud/feds-roll-out-cloud-security-guidelines/
d/d-id/1093861?piddl_msgorder=asc
Morse, J. M. (1994). Designing funded qualitative research. In N. K. Denzin & Y. S.
Lincoln (Eds.), Handbook of qualitative research (pp. 220 -235). New York, NY: Sage
Publications, Inc.
Morton, J., Stacey, P., & Mohn, M. (2018). Building and maintaining strategic agility: an
agenda and framework for executive IT leaders. California Management Review,
61(1), 94–113.
Moy, B. (2018). PROGame: A process framework for serious game development for motor
rehabilitation therapy. PloS One, 13, 1–18.
Muñoz, A., Gonzalez, J., & Maña, A. (2012). A performance-oriented monitoring sys-
tem for security properties in cloud computing applications. The Computer Journal,
55(8), 979–994. Retrieved from http://dx.doi.org/10.1093/comjnl/bxs042
174 Reference
Murphy, K., Lyytinen, K., & Somers, T. (2018). A socio-technical model for project-based
executive IT governance. In Proceedings of the 51st Hawaii International Conference
on System Sciences (Vol. 9, pp. 4825–4834). Hawaii, USA
Nagel, R. N. (1992). 21st century manufacturing enterprise strategy report. Report no. 53.
US Defence Technical Information Center. Retrieved from https://doi.org/http://
books.google.co.uk/books?id=dSjsn_ECSSsC&pg=PP2&lpg=PP2&dq=Iacocca+
Institute,+21st+Century+Manufacturing+Enterprise+Strategy,+Lehigh+University,+
Bethlehem,+PA,+1991&source=bl&ots=uvnVNNf99X&sig=n-ssc_wIoQcntirxsH
yi7xUPHbU&hl=en&sa=X&ei=WKHPUtj1GMSB
Nagel, R. N., & Dove, R. (1991). 21st century manufacturing enterprise strategy: An industry-
led view. Darby, PA: Diane Publishing.
Narain, R., Yadav, R. C., Sarkis, J., & Cordeiro, J. J. (2000). The strategic implications
of flexibility in manufacturing systems. International Journal of Agile Management
Systems, 2(3), 202–213.
Nelson, A., & Harvey, F. A. (1995). Technologies for training and supporting your
agile workforce. In 4th Agility Forum Annual Conference on Creating the Agile
Organization: Models, Metrics and Pilots. (pp. 92–100). Atlanta, GA.
Neto, J. S., CGEIT, C., Assessor, C. C., & de Luca Ribeiro, C. H. (2014). Is COBIT 5 pro-
cess implementation a wicked problem? COBIT Focus, 2, 8–10.
Newcomer, E. (2002). Understanding web services: XML, Wsdl, Soap, and UDDI. Boston,
MA: Addison-Wesley Professional.
Newkirk, H. E., & Lederer, A. L. (2006). The effectiveness of strategic information sys-
tems planning under environmental uncertainty. Information & Management, 43(4),
481–501.
Nfuka, E. N., & Rusu, L. (2011). The effect of critical success factors on IT governance
performance. Industrial Management & Data Systems, 111(9), 1418–1448. https://
doi.org/10.1108/02635571111182773
Nkhoma, M., & Dang, D. (2013). Contributing factors of cloud computing adoption: A
technology-organisation-environment framework approach. International Journal
of Information Systems and Engineering (IJISE), 1(1), 38–49.
Oetzel, J. M. (2004). Differentiation advantages in the on-line brokerage industry.
International Journal of Electronic Commerce, 9(1), 105–126.
Ohno, T. (1988). Toyota production system: Beyond large-scale production. Boca Raton, FL:
CRC Press.
Oliveira, T., & Martins, M. F. (2011). Literature review of information technology adop-
tion models at firm level. The Electronic Journal Information Systems Evaluation
(EJISE), 14(1), 110–121.
Oliveira, T., & Martins, M. F. (2010). Understanding e-business adoption across indus-
tries in European countries. Industrial Management and Data Systems, 110(9),
1337–1354. https://doi.org/10.1108/02635571011087428
Oliveira, T., Thomas, M., & Espadanal, M. (2014). Assessing the determinants of cloud com-
puting adoption: An analysis of the manufacturing and services sectors. Information
and Management, 51(5), 497–510. https://doi.org/10.1016/j.im.2014.03.006
Oliver, D., & Lainhart, J. (2012). COBIT 5: Adding value through effective geit. EDPACS,
46(3), 1–12. https://doi.org/10.1080/07366981.2012.706472
Olson, M. H. (1985). Management information systems: Conceptual foundations, structure,
and development. New York, NY: McGraw-Hill.
Omari, L. A., Barnes, P. H., & Pitman, G. (2012). An exploratory study into audit chal-
lenges in IT governance: A Delphi approach. In the Symposium on IT Governance,
Management and Audit. Retrieved from https://eprints.qut.edu.au/53110/
Otto, B. (2010). IT governance and organizational transformation: Findings from an action
research study. In AMCIS (p. 421). Lima, Peru.
Reference 175
Overby, E., Bharadwaj, A., & Sambamurthy, V. (2006). Enterprise agility and the enabling
role of information technology. European Journal of Information Systems, 15(2),
120–131.
Oztemel, E., & Gursev, S. (2020). Literature review of Industry 4.0 and related technolo-
gies. Journal of Intelligent Manufacturing, 31(1), 127–182.
Park, J. O., Kim, S. G., Choi, B. H., & Jun, M. S. (2008). The study on the maturity
measurement method of security management for ITSM. In Proceedings – 2008
International conference on convergence and hybrid information technology, ICHIT
2008, Busan, Korea: IEEE, pp. 826–830.
Park, Y., El Sawy, O. A., & Fiss, P. C. (2017). The role of business intelligence and com-
munication technologies in organizational agility: A Configurational Approach.
Journal of the Association for Information Systems, 18(9), 648–686.
Parker, G. (1996). The military revolution: Military innovation and the rise of the west, 1500-
1800. Cambridge: Cambridge University Press.
Pearlson, K. E., & Saunders, C. S. (2006). Managing and using information systems.
Hoboken, NJ: Wiley.
Pereira, A. C., & Romero, F. (2017). A review of the meanings and the implications of the
industry 4.0 concept. Procedia Manufacturing, 13, 1206–1214.
Peters, T. J., & Waterman, R. H. (1984). In search of excellence. Nursing Administration
Quarterly, 8(3), 85–86.
Peterson, R. R. (2001). Configurations and coordination for global information technology
governance: Complex designs in a transnational european context. In Proceedings
of the Hawaii International Conference on System Sciences (p. 217). https://doi.
org/10.1109/HICSS.2001.927133
Pinsonneault, A., & Rivard, S. (1998). Information technology and the nature of manage-
rial work: From the productivity paradox to the Icarus paradox? MIS Quarterly, 22,
287–311.
Prager, K. P. (1996). Managing for flexibility: the new role of the aligned IT organization.
Information Systems Management, 13(4), 41–46.
Premkumar, G., & Roberts, M. (1999). Adoption of new information technologies in rural
small businesses. Omega, 27(4), 467–484. https://doi.org/https://doi.org/10.1016/
S0305-0483(98)00071-1
Prerna, L., & Shah, B. S. (2016). Understanding the impact of cloud-based services adoption
on organizational flexibility: An exploratory study. Journal of Enterprise Information
Management, 29(4), 566–588. https://doi.org/10.1108/JEIM-04-2015-0028
Queiroz, M., Tallon, P. P., Sharma, R., & Coltman, T. (2018). The role of IT application
orchestration capability in improving agility and performance. Journal of Strategic
Information Systems, 27(1), 4–21. https://doi.org/10.1016/j.jsis.2017.10.002
Raghupathi, W. (2007). Corporate governance of IT: A framework for development.
Communications of the ACM, 50(8), 94–99. https://doi.org/10.1145/1278201.1278212
Ramasesh, R., Kulkarni, S., Jayakumar, M., Jin-Hai, L., Anderson, A. R., & Harrison,
R. T. (2001). Integrated manufacturing systems agility in manufacturing systems:
An exploratory modeling framework and simulation. International Journal of
Operations & Production Management, 12(5), 534–548. https://doi.org/10.1108/
EUM0000000006236
Ramdani, B., Kawalek, P., & Lorenzo, O. (2009). Predicting SMEs’ adoption of enter-
prise systems. Journal of Enterprise Information Management, 22, 10–24. https://doi.
org/10.1108/17410390910922796
Ramesh, B., Mohan, K., & Cao, L. (2012). Ambidexterity in agile distributed development:
An empirical investigation. Information Systems Research, 23(2), 323–339.
Ramesh, J. V, Singh, S. K., & Sharma, M. (2011). Development of private cloud for edu-
cational institution using aneka grid container. In Proceedings of the International
176 Reference
Conference & Workshop on Emerging Trends in Technology (pp. 244–247).

Mumbai, India https://doi.org/10.1145/1980022.1980078
Ramírez-Mora, S. L., Oktaba, H., & Patlán Pérez, J. (2020). Group maturity, team
efficiency, and team effectiveness in software development: A case study in a CMMI-
DEV Level 5 organization. Journal of Software: Evolution and Process, 32(4), e2232.
https://doi.org/10.1002/smr.2232
Rattner, L., & Reid, R. A. (1994). The information processing roles for mid-level production
management in agile manufacturing. IEEE Humans, Information and Technology, 1,
518–524.
Ravichandran, T. (2018). Exploring the relationships between IT competence, innovation
capacity and organizational agility. The Journal of Strategic Information Systems,
27(1), 22–42.
Ren, J., Yusuf, Y. Y., & Burns, N. D. (2003). The effects of agile attributes on competi-
tive priorities: a neural network approach. Integrated Manufacturing Systems, 14(6),
489–497.
Revans, R. (1983). ABC of action learning. Bromley, KY: Chartwell-Bratt.
Ribeiro, J., & Gomes, R. (2009). IT governance using COBIT implemented in a High
Public Educational Institution – A case study. In Proceedings of the 3rd International
Conference on European Computing Conference, September (pp. 41–52). Retrieved
from wseas.us/e-library/conferences/2009/georgia/CCI/CCI04.pdf
Rimienė, K. (2011). Supply chain agility concept evolution (1990-2010). Economics &
Management, 16.
Ringle, C. M., Sinkovics, R. R., & Henseler, J. (2009). The use of partial least squares
path modeling in international marketing. In Advances in International Marketing:
Vol. 20. New Challenges to International Marketing (pp. 277–319). Bingley: Emerald.
https://doi.org/doi:10.1108/S1474-7979(2009)0000020014
Robson, W. (1998). Strategic management and information systems: An integrated
Approach. Systems Research and Behavioral Science, 15(4), 347–350.
Rockart, J., Earl, M., & Ross, J. (1996). Eight imperatives for the new IT organization.
Sloan Management Review, 38(1), 43–55.
Rogers, E. M. (2003). Diffusion of innovations (5th ed). New York, NY: Free Press.
Roman, D., Keller, U., Lausen, H., De Bruijn, J., Lara, R., Stollberg, M., … Fensel, D.
(2005). Web service modeling ontology. Applied Ontology, 1(1), 77–106.
Ross, J., & Beath, C. (2006). Sustainable IT outsourcing success: Let enterprise architecture
be your guide. MIS Quarterly Executive, 5(4), 7.
Rother, M. (2019). Toyota Kata: Managing people for improvement, adaptiveness and supe-
rior results. New York, NY: MGH.
Saha, N., Gregar, A., Van der Heijden, B. I. J. M., & Sáha, P. (2019). The influence of
SHRM and organizational agility: Do they really boost organizational perfor-
mance? In Ç. Doğru (Ed.), Handbook of research on contemporary approaches in
management and organizational strategy (pp. 62–83). Hershey, PA: IGI Global.
Sahid, A., Maleh, Y., & Belaissaoui, M. (2018). A practical agile framework for IT ser-
vice and asset management ITSM/ITAM through a case study. Journal of Cases on
Information Technology, 20(4), 71–92.
Sambamurthy, V., Bharadwaj, A., & Grover, V. (2003). Shaping agility through digital
options: Reconceptualizing the role of information technology in contemporary
firms. MIS Quarterly, 27(2), 237–263.
Sanchez, L. M., & Nagi, R. (2001). A review of agile manufacturing systems. International
Journal of Production Research, 39(16), 3561–3600.
Sandu, R., & Gide, E. (2018). Technological, organisational and environmental (TOE) fac-
tors that influence the adoption of cloud based service SMEs in India. In IEEE
11th International Conference on Cloud Computing (CLOUD) (pp. 866–870). San
Francisco, CA. https://doi.org/10.1109/CLOUD.2018.00123
Reference 177
Sangle, S. (2011). Adoption of cleaner technology for climate proactivity: a technology–

firm–stakeholder framework. Business Strategy and the Environment, 20(6), 365–378.
Sarker, S. [Saonee], & Sarker, S. [Suprateek]. (2009). Exploring agility in distributed infor-
mation systems development teams: An interpretive study in an offshoring context.
Sarkis, J. (2001). Benchmarking for agility. Benchmarking: An International Journal, 8(2),
88–107.
Sassone, P. G. (1988). A survey of cost-benefit methodologies for information systems.
Project Appraisal, 3(2), 73–84.
Sawas, M. S., & Watfa, M. K. (2015). The impact of cloud computing on information
systems agility. Australasian Journal of Information Systems, 19, 97–112. https://doi.
org/10.3127/ajis.v19i0.930
Sawhney, N., & Schmandt, C. (2000). Nomadic radio: Speech and audio interaction for
contextual messaging in nomadic environments. ACM Transactions on Computer-
Human Interaction (TOCHI), 7(3), 353–383.
Schapiro, S. B., & Henry, M. H. (2012). Engineering agile systems through architectural
modularity. In SysCon 2012 – 2012 IEEE international systems conference, proceed-
ings, Vancouver, Canada.: IEEE, pp. 28–33.
Schmidt, C., & Buxmann, P. (2011). Outcomes and success factors of enterprise IT archi-
tecture management: Empirical insight from the international financial services
industry. European Journal of Information Systems, 20(2), 168–185.
Scheer, A.-W., & Habermann, F. (2000). Enterprise resource planning: Making ERP a suc-
cess. Communications of the ACM, 43(4), 57–61.
Schneiderman, R. (2011). For cloud computing, the sky is the limit [special reports]. IEEE
Signal Processing Magazine, 28(1), 15–144.
Senarathna, I., Wilkin, C., Warren, M., Yeoh, W., & Salzman, S. (2018). Factors that
influence adoption of cloud computing: An empirical study of Australian SMEs.
Australasian Journal of Information Systems, 22.
Senarathna, R. (2016). Cloud computing adoption by SMEs in Australia. PhD. Thesis,
Faculty of Business and Law, Melbourne, Victoria, Australia.
Sengupta, K., & Masini, A. (2008). IT agility: Striking the right balance. Business Strategy
Review, 19(2), 42–48. https://doi.org/10.1111/j.1467-8616.2008.00534.x
Senn, J. A. (1978). Essential principles of information systems development. MIS Quarterly,
2, 17–26.
Shah Alam, S., Ali, M. Y., & Mohd Jani, M. (2011). An empirical study of factors affecting
electronic commerce adoption among SMEs in Malaysia. Journal of Business Economics
and Management, 12(2), 375–399. https://doi.org/10.3846/16111699.2011.576749
Sharif, A. M., Irani, Z., & Love, P. E. D. (2005). Integrating ERP using EAI: A model for
post hoc evaluation. European Journal of Information Systems, 14(2), 162–174.
Sharifi, H., & Zhang, Z. (1999). Methodology for achieving agility in manufacturing
organisations: An introduction. International Journal of Production Economics,
62(1), 7–22. https://doi.org/10.1016/S0925-5273(98)00217-5
Sharp, J. M., Bamber, C. J., Desia, S., & Irani, Z. (1999). An empirical analysis of lean &
agile manufacturing. In Proceedings of the IMechE Conference on Lean & Agile for
the Next Millennium, March 9. City University, London, UK.
Sharp, J. M., Irani, Z., & Desai, S. (1999). Working towards agile manufacturing in the UK
industry. International Journal of Production Economics, 62(1–2), 155–169.
Shein, C., Robinson, H. E., & Gutierrez, H. (2018). Agility in the archives: Translating
agile methods to archival project management. RBM: A Journal of Rare Books,
Manuscripts, and Cultural Heritage, 19(2), 94.
Shen, Z., & Tong, Q. (2010). The security of cloud computing system enabled by trusted
computing technology. In IEEE 2nd International Conference on Signal Processing
Systems (ICSPS) (Vol. 2, pp. V2–11). Dalian, China.
178 Reference
Shore, B. (2006). Enterprise integration across the globally disbursed service organization.
Communications of the ACM, 49(6), 102–106.
Sia, S. K., Koh, C., & Tan, C. X. (2008). Strategic maneuvers for outsourcing flexibility: An
empirical assessment. Decision Sciences, 39(3), 407–443.
Siegel, J., & Perdue, J. (2012). Cloud services measures for global use: the service
measurement index (SMI). In IEEE SRII Global Conference (SRII) Annual
(pp. 411–415). San Jose, CA.
Sila, I. (2010). Do organisational and environmental factors moderate the effects of
Internet-based interorganisational systems on firm performance? European Journal
of Information Systems, 19(5), 581–600.
Silva Molina, E. J., Plazaola, L., Flores, J., & Vargas, N. (2005). How to identify and
measure the level of alignment between IT and business governance. In PICMET.
Portland, OR, USA.
Simonsson, M., & Johnson, P. (2006). Assessment of IT governance – A prioritization
of cobit. In Proceedings of the Conference on Systems Engineering Research. Los
Angeles, CA, December. Retrieved from http://sse.stevens.edu/fileadmin/cser/2006/
papers/151-Simonsson-Assessment of IT Governance.pdf
Simonsson, M., Johnson, P., & Wijkström, H. (2007). Model-based IT governance matu-
rity assessments with COBIT. In ECIS (pp. 1276–1287). St. Gallen, Switzerland.
Singh, M. P., Huhns, M. N., & Huhns, M. N. (2005). Service-oriented computing: semantics,
processes, agents. Hoboken, NJ: John Wiley & Sons.
Sitaram, D., & Manjunath, G. (2012). Moving to the cloud. Moving To The Cloud, 2(1),
1–10. https://doi.org/10.1016/C2010-0-66389-9
Skafi, M., Yunis, M. M., & Zekri, A. (2020). Factors influencing SMEs’ adoption of cloud
computing services in Lebanon: An empirical analysis using TOE and contextual the-
ory. IEEE Access, 8, 79169–79181. https://doi.org/10.1109/ACCESS.2020.2987331
Skinner, W. (1969). Manufacturing-missing link in corporate strategy. Harvard Business
Review, 47(3), 136–145.
Small, A. W., & Downey, E. A. (1996). Orchestrating multiple changes: A framework for
managing concurrent changes of varied type and scope. In IEMC 96 proceedings.
International conference on engineering and technology management. managing vir-
tual enterprises: A convergence of communications, computing, and energy technolo-
gies, Atlanta, GA, USA. IEEE, pp. 627–634.
Soltero, C., & Boutier, P. (2017). The 7 Kata: Toyota Kata, TWI, and lean training. Boca
Raton, FL: CRC Press.
Sonehara, N., Echizen, I., & Wohlgemuth, S. (2011). Isolation in cloud computing and
privacy-enhancing technologies: Suitability of privacy-enhancing technologies
for separating data usage in business processes. Business and Information Systems
Engineering, 3(3), 155–162. https://doi.org/10.1007/s12599-011-0160-x
Stanoevska, K., Wozniak, T., & Ristol, S. (2009). Grid and cloud computing: a business per-
spective on technology and applications. Berlin: Springer Science & Business Media.
Stein, M. K., Galliers, R. D., & Whitley, E. A. (2016). Twenty years of the European infor-
mation systems academy at ECIS: Emergent trends and research topics. European
Journal of Information Systems, 25(1), 1–15. https://doi.org/10.1057/ejis.2014.25
Stettina, C. J., & Kroon, E. (2013, June). Is there an agile handover? An empirical study of
documentation and project handover practices across agile software teams. In 2013
International Conference on Engineering, Technology and Innovation (ICE) & IEEE
International Technology Management Conference (pp. 1–12). IEEE.
Stettina, C. J., Zhao, Z., Back, T., & Katzy, B. (2013). Academic education of software
engineering practices: Towards planning and improving capstone courses based
upon intensive coaching and team routines. In Software engineering education con-
ference, proceedings, San Francisco, USA, pp. 169–178.
Reference 179
Steuperaert, D. (2019). COBIT 2019: A significant update. EDPACS, 59(1), 14–18. https://
doi.org/10.1080/07366981.2019.1578474
Strange, R., & Zucchella, A. (2017). Industry 4.0, global value chains and international
business. Multinational Business Review, 25(3), 174–184.
Strauss, A., & Corbin, J. (1998). Basics of qualitative research: Procedures and techniques for
developing grounded theory. Thousand Oaks, CA: Sage.
Sultan, N. (2010). Cloud computing for education: A new dawn? International Journal of
Information Management, 30(2), 109–116. https://doi.org/10.1016/j.ijinfomgt.2009.09.004
Susarla, A., Barua, A., & Whinston, A. B. (2006). Understanding the ‘service’component
of application service provision: an empirical analysis of satisfaction with ASP ser-
vices. In R. Hirschheim, A. Heinzl, & J. Dibbern (Eds.), Information systems out-
sourcing (pp. 481–521). Berlin: Springer.
Swafford, P. M. (2004). Theoretical development and empirical investigation of supply chain
agility. Atlanta, GA: Georgia Institute of Technology.
Swafford, P. M., Ghosh, S., & Murthy, N. (2008). Achieving supply chain agility through
IT integration and flexibility. International Journal of Production Economics, 116(2),
288–297. https://doi.org/https://doi.org/10.1016/j.ijpe.2008.09.002
Takeuchi, H., & Nonaka, I. (1986). The new product development game. Harvard Business
Review, 64(1), 137–146.
Tan, B., Pan, S. L., Lu, X., & Huang, L. (2009). Leveraging digital business ecosystems for
enterprise agility: The tri-logic development strategy of Alibaba.Com. In ICIS 2009
proceedings - Thirtieth international conference on information systems, Phoenix,
AZ, USA.
Tan, C., & Sia, S. K. (2006). Managing flexibility in outsourcing. Journal of the Association
for Information Systems, 7(4), 10.
Tan, W. G., Cater-Steel, A., & Toleman, M. (2009). Implementing IT service management:
A case study focussing on critical success factors. Journal of Computer Information
Systems, 50(2), 1–12.
Tan, X., & Ai, B. (2011). The issues of cloud computing security in high-speed railway.
In IEEE International Conference on Electronic and Mechanical Engineering and
Information Technology (EMEIT) (Vol. 8, pp. 4358–4363).
Tankard, C., & Pathways, D. (2016). What the GDPR means for. Network Security, 2016(6),
5–8. https://doi.org/10.1016/S1353-4858(16)30056-3
Tanriverdi, H., Rai, A., & Venkatraman, N. (2010). Research commentary – Reframing
the dominant quests of information systems strategy research for complex adaptive
business systems. Information Systems Research, 21(4), 822–834.
Tashakkori, A., & Creswell, J. W. (2007). Editorial: The new era of mixed methods. Journal
of Mixed Methods Research, 1, 3–7. https://doi.org/10.1177/2345678906293042
Teece, D., & Pisano, G. (1994). The dynamic capabilities of firms: An introduction.
Industrial and Corporate Change, 3(3), 537–556.
Termini, M. J. (1996). The new manufacturing Engineer: Coming of age in an agile environ-
ment. ISBN: 978-0872634794. Southfield, MI: Society of Manufacturing Engineers.
Thiesse, F., Staake, T., Schmitt, P., & Fleisch, E. (2011). The rise of the “next-generation
bar code”: An international RFID adoption study. Supply Chain Management,
16(5), 328–345. https://doi.org/10.1108/13598541111155848
Thomas, M. A., Redmond, R. T., & Weistroffer, H. R. (2009). Moving to the cloud:
Transitioning from client-server to service architecture. Journal of Service Science,
2(1), 1–10.
Thomson, S. B. (2010). Grounded theory - Sample size. Journal of Administration and
Governance, 5(1), 45–52.
Tidd, J. B., & Bessant, J. (1997). Managing innovation, integrating technological, market and
organisational change. Chichester: John Wiley & Sons.
180 Reference
Tiwana, A., Konsynski, B., & Bush, A. A. (2010). Research commentary – Platform evolu-
tion: Coevolution of platform architecture, governance, and environmental dynam-
ics. Information Systems Research, 21(4), 675–687.
Towill, D., & Christopher, M. (2002). The supply chain strategy conundrum: To be lean or
agile or to be lean and agile? International Journal of Logistics, 5(3), 299–309.
Tornatzky, L. G., Fleischer, M., & Chakrabarti, A. K. (1990). The processes of techno-
logical innovation. Issues in organization and management series. Lexington Books.
Retrieved from Http://Www.Amazon.Com/Processes-Technological-Innovation-
Organization/Management/Dp/0669203483. Accessed on June 10, 2013.
Trabelsi, L., & Abid, I. H. (2013). Urbanization of information systems as a trigger for
enhancing agility: A state in the Tunisian firms. European Journal of Business and
Management, 5(5), 63–77.
Trigueros-Preciado, S., Pérez-González, D., & Solana-González, P. (2013). Cloud computing in
industrial SMEs: Identification of the barriers to its adoption and effects of its applica-
tion. Electronic Markets, 23(2), 105–114. https://doi.org/10.1007/s12525-012-0120-4
Trisha, G., Glenn, R., Fraser, M., Paul, B., & Olivia, K. (2004). Diffusion of innovations
in service organizations: systematic review and recommendations. The Milbank
Quarterly, 82(4), 581–629. https://doi.org/10.1111/j.0887-378X.2004.00325.x
Truex, D. P., Baskerville, R., & Klein, H. (1999). Growing systems in emergent organiza-
tions. Communications of the ACM, 42(8), 117–123.
Tsai, M.-C., Lee, W., & Wu, H.-C. (2010). Determinants of RFID adoption intention:
Evidence from Taiwanese retail chains. Information & Management, 47(5), 255–261.
https://doi.org/https://doi.org/10.1016/j.im.2010.05.001
Tucci, J., Mitchell, J., & Goddard, C. (2007). Children’s fears, hopes and heroes. Melbourne:
Australian Childhood Foundation, June.
Turban, E. (2007). Information technology for management: Transforming organizations in
the digital economy. Hoboken, NJ: John Wiley & Sons, Inc.
Turel, O., & Bart, C. (2014). Board-level IT governance and organizational performance.
European Journal of Information Systems, 23(2), 223–239.
Upton, D. M. (1994). The management of manufacturing flexibility. California Management
Review, 36(2), 72–89.
Valentine, E. L. H. (2016). Enterprise technology governance: New information and technol-
ogy core competencies for boards of directors. Doctoral Dissertation, Queensland
University of Technology, Brisbane, Australia (pp. 1–295). https://doi.org/10.13140/
RG.2.2.34027.95529
Van Grembergen, W. (Ed.). (2004). Strategies for information technology governance. Igi
Global.
van Grembergen, W., & De Haes, S. (2009a). Enterprise governance of information tech-
nology: achieving strategic alignment and value. Springer Science & Business Media.
van Grembergen, W., & De Haes, S. (2009b). COBIT as a framework for enterprise govern-
ance of IT BT. In S. De Haes & W. Van Grembergen (Eds.), Enterprise governance
of information technology: Achieving strategic alignment and value (pp. 137–164).
Boston, MA: Springer. https://doi.org/10.1007/978-0-387-84882-2_5
van Grembergen, W., De Haes, S., & Guldentops, E. (2004). Structures, processes and rela-
tional mechanisms for IT governance. In Strategies for information technology gov-
ernance (pp. 1–36). Hershey, PA: Igi Global.
Van Hoek, R. I., Harrison, A., & Christopher, M. (2001). Measuring agile capabilities in
the supply chain. International Journal of Operations and Production Management,
21(1–2), 126–147.
Vaughan-Nichols, S. J. (2002). Web services: Beyond the hype. Computer, 35(2), 18–21.
Vázquez-Bustelo, D., Avella, L., & Fernández, E. (2007). Agility drivers, enablers and
outcomes. International Journal of Operations & Production Management, 27(12),
1303–1332. https://doi.org/10.1108/01443570710835633
Reference 181
Venkatesh, V., & Brown, S. A. (2013). Research essay bridging the qualitative – Quantitative
divide: Guidelines for conducting mixed methods. MIS Quarterly, 37, 21–54.
Von Solms, B. (2005). Information security governance: COBIT or ISO 17799 or both?
Computers and Security, 24(2), 99–104. https://doi.org/10.1016/j.cose.2005.02.002
Vouk, M. A. (2008). Cloud computing –Issues, research and implementations. In ITI 2008
– 30th International Conference on Information Technology Interfaces (pp. 235–246).
Dubrovnik, Croatia. https://doi.org/10.1109/ITI.2008.4588381
Wagire, A. A., Rathore, A. P. S., & Jain, R. (2019). Analysis and synthesis of industry 4.0
research landscape. Journal of Manufacturing Technology Management.
Wagire, A. A., Rathore, A. P.S., & Jain, R. (2020). Analysis and synthesis of industry 4.0
research landscape: Using latent semantic analysis approach. Journal of Manufacturing
Technology Management, 31(1), 31–51.
Walls, J. G., Widmeyer, G. R., & El Sawy, O. A. (1992). Building an information system
design theory for vigilant EIS. Information Systems Research, 3(1), 36–59.
Walterbusch, M., Martens, B., & Teuteberg, F. (2013). Evaluating cloud computing services
from a total cost of ownership perspective. Management Research Review, 36(6),
613–638. https://doi.org/10.1108/01409171311325769
Walters, G. J. (2001). Privacy and security: An ethical analysis. ACM SIGCAS Computers
and Society, 31(2), 8–23.
Wang, H. (2010). Privacy-preserving data sharing in cloud computing. Journal of
Computer Science and Technology, 25(3), 401–414. https://doi.org/10.1007/s11390-
010-9333-1
Wang, N., Xue, Y., Liang, H., & Ge, S. (2011). The road to business-IT alignment: A
case study of two chinese companies. Communications of AIS, 2011(28), 415–436.
Retrieved from http://content.ebscohost.com/ContentServer.asp?T=P&P=AN&
K=70400209&S=R&D=buh&EbscoContent=dGJyMNLe80Sep7A4yOvqOLC
mr0qeprJSsai4TLSWxWXS&ContentCustomer=dGJyMPGnr0m0r7JJuePfgeyx
44Dt6fIA%5Cnhttp://www.redi-bw.de/db/ebsco.php/search.ebscohost.com/login.
aspx?d
Wang, X., Conboy, K., & Pikkarainen, M. (2012). Assimilation of agile practices in use.
Information Systems Journal, 22(6), 435–455.
Wang, Y.-M., Wang, Y.-S., & Yang, Y.-F. (2010). Understanding the determinants of
RFID adoption in the manufacturing industry. Technological Forecasting and Social
Change, 77(5), 803–815.
Wang, Z., Li, B., Sun, L., & Yang, S. (2012). Cloud-based social application deployment
using local processing and global distribution. In Proceedings of the 8th International
Conference on Emerging Networking Experiments and Technologies (pp. 301–312).
Nice, France. https://doi.org/10.1145/2413176.2413211
Warland, C., & Ridley, G. (2005). Awareness of IT control frameworks in an australian
state government: A qualitative case study. In Proceedings of the 38th Annual Hawaii
International Conference on System Sciences (pp. 236b–236b). Big Island, HI, USA.
https://doi.org/10.1109/HICSS.2005.116
Webb, P., Pollard, C., & Ridley, G. (2006). Attempting to define IT governance: Wisdom
or folly? In Proceedings of the Annual Hawaii International Conference on System
Sciences (Vol. 8(C), pp. 1–10). Kauai, HI, USA. https://doi.org/10.1109/HICSS.
2006.68
Weill, P., & Ross, J. W. (2004). How top performers manage IT decisions rights for superior
results. In IT Governance (pp. 1–10). Boston, MA: Harvard Business School Press.
https://doi.org/10.2139/ssrn.664612
Weinhardt, C., Anandasivam, A., Blau, B., Borissov, N., Meinl, T., Michalk, W., & Stößer,
J. (2009). Cloud computing – A classification, business models, and research direc-
tions. Business & Information Systems Engineering, 1(5), 391–399. https://doi.
org/10.1007/s12599-009-0071-2
182 Reference
Wenzler, I. (2005), Development of an asset management strategy for a network util-

ity company: Lessons from a dynamic business simulation approach. Simulation
Gaming, 36(1), 75–90.
West, L. A. Jr, & Hess, T. J. (2002). Metadata as a knowledge management tool: support-
ing intelligent agent and end user access to spatial data. Decision Support Systems,
32(3), 247–264.
Wickramasinghe, N. (2003). Do we practise what we preach? Are knowledge management
systems in practice truly reflective of knowledge management systems in theory?
Business Process Management Journal, 9(3), 295–316.
Wiederhold, G. (1992). Mediators in the architecture of future information systems.
Computer, 25(3), 38–49.
Willcocks, L. (2013). Information management: The evaluation of information systems
investments. Berlin: Springer. https://doi.org/10.1007/978-1-4899-3208-2
Williams, S. P., Hardy, C. A., & Holgate, J. A. (2013). Information security governance
practices in critical infrastructure organizations: A socio-technical and institu-
tional logic perspective. Electronic Markets, 23(4), 341–354. https://doi.org/10.1007/
s12525-013-0137-3
Willmott, P. (1994). Total productive maintenance. Oxford: Butterworth-Heinemann.
Winniford, M., Conger, S., & Erickson-Harris, L. (2009). Confusion in the ranks: IT ser-
vice management practice and terminology. Information Systems Management,
26(2), 153–163.
Womack, J. P., Womack, J. P., Jones, D. T., & Roos, D. (1990). Machine that changed the
world. New York, NY: Simon and Schuster.
Woo, H., Lee, S., Huh, J.-H., & Jeong, S. (2020). Impact of ITSM military service quality
and value on service trust. Journal of Multimedia Information System, 7(1), 55–72.
https://doi.org/10.33851/JMIS.2020.7.1.55
Wood, D. J. (2010). Assessing IT governance maturity: The case of San Marcos,Texas.
Masters Thesis, Texas State University, San Marcos, TX.
Wu, L., Yue, X., Jin, A., & Yen, D. C. (2016). Smart supply chain management: A review
and implications for future research. International Journal of Logistics Management,
27(2), 395–417.
Wu, W.-W. (2011). Mining significant factors affecting the adoption of SaaS using the
rough set approach. Journal of Systems and Software, 84(3), 435–441.
Wu, W.-W., Lan, L. W., & Lee, Y.-T. (2011). Exploring decisive factors affecting an
organization’s SaaS adoption: A case study. International Journal of Information
Management, 31(6), 556–563.
Wu, Y. (2019). IS-enabled supply chain agility. In Achieving supply chain agility (pp. 11–66).
Berlin: Springer.
Wu, Y., Cegielski, C. G., Hazen, B. T., & Hall, D. J. (2013). Cloud computing in support of
supply chain information system infrastructure: Understanding when to go to the
cloud. Journal of Supply Chain Management, 49(3), 25–41.
Xiao, H., Ford, B., & Feigenbaum, J. (2013). Structural cloud audits that protect private
information. In Proceedings of the 2013 ACM Workshop on Cloud Computing Security
Workshop (pp. 101–112). Berlin, Germany. https://doi.org/10.1145/2517488.2517493
Xiaoying, D., Qianqian, L., & Dezhi, Y. (2008). Business performance, business strategy,
and information system strategic alignment: An empirical study on chinese firms.
Tsinghua Science and Technology, 13(3), 348–354. https://doi.org/10.1016/S1007-
0214(08)70056-7
Xu, J., & Quaddus, M. (2012). Examining a model of knowledge management systems
adoption and diffusion: A Partial Least Square approach. Knowledge-Based Systems,
27, 18–28.
Xue, Y., Liang, H., & Boulton, W. R. (2008). Information technology governance in infor-
mation technology investment decision processes: The impact of investment char-
acteristics, external environment, and internal context. MIS Quarterly: Management
Reference 183
Information Systems, 32(1), 67–96. Retrieved from https://www.jstor.org/sta-

ble/10.2307/25148829.
Yang, H., Huff, S. L., & Tate, M. (2013). Managing the cloud for information systems agil-
ity. In A. Bento & A. K. Aggarwal (Eds.), Cloud computing service and deployment
models: Layers and management (pp. 70–93). Hershey, PA: IGI Global. https://doi.
org/10.4018/978-1-4666-2187-9.ch004
Yang, H., & Tate, M. (2012). A descriptive literature review and classification of cloud
computing research. Communications of the Association of Information Systems,
31(2), 35–60. https://doi.org/10.1.1.261.3070
Yao, Z., & Wang, X. (2010). An ITIL based ITSM practice: A case study of steel manufac-
turing enterprise. In 2010 7th international conference on service systems and service
management, proceedings of ICSSSM’ 10, Tokyo, Japan: IEEE, pp. 423–427.
Yoon, Y., Guimaraes, T., & O’Neal, Q. (1995). Exploring the factors associated with expert
systems success. MIS Quarterly, 19, 83–106.
Yusuf, I. I., & Schmidt, H. W. (2013). Parameterised architectural patterns for provid-
ing cloud service fault tolerance with accurate costings. In Proceedings of the 16th
International ACM Sigsoft Symposium on Component-Based Software Engineering
(pp. 121–130). Vancouver, Canada. https://doi.org/10.1145/2465449.2465467
Yusuf, Y. Y., Gunasekaran, A., Adeleye, E. O., & Sivayoganathan, K. (2004). Agile sup-
ply chain capabilities: Determinants of competitive objectives. European Journal
of Operational Research, 159(2), 379–392. https://doi.org/https://doi.org/10.1016/
j.ejor.2003.08.022
Yusuf, Y. Y., Sarhadi, M., & Gunasekaran, A. (1999). Agile manufacturing: The drivers,
concepts and attributes. International Journal of Production Economics, 62(1), 33–43.
https://doi.org/https://doi.org/10.1016/S0925-5273(98)00219-9
Zhang, Z., & Sharifi, H. (2000). A methodology for achieving agility in manufacturing
organizations. International Journal of Operations & Production Management, 20(4),
496–512. https://doi.org/10.1108/01443570010314818
Zheng, J., Ng, T. S. E., & Sripanidkulchai, K. (2011). Workload-aware Live Storage
Migration for Clouds. In Proceedings of the 7th ACM SIGPLAN/SIGOPS
International Conference on Virtual Execution Environments (pp. 133–144). Newport
Beach, CA, USA. https://doi.org/10.1145/1952682.1952700
Zheng, Y., Venters, W., & Cornford, T. (2011). Collective agility, paradox and organi-
zational improvisation: The development of a particle physics grid. Information
Systems Journal, 21(4), 303–333.
Zhou, S., Qiao, Z., Du, Q., Wang, G. A., Fan, W., & Yan, X. (2018). Measuring Customer
Agility from Online Reviews Using Big Data Text Analytics. Journal of Management
Zhu, K. (2004). The complementarity of information technology infrastructure and
e-commerce capability: A resource-based assessment of their business value.
Journal of Management Information Systems, 21(1), 167–202. https://doi.org/10.1080/
07421222.2004.11045794
Zhu, K., Dong, S., Xu, S. X., & Kraemer, K. L. (2006). Innovation diffusion in global
contexts: determinants of post-adoption digital transformation of European com-
panies. European Journal of Information Systems, 15(6), 601–616.
Zhu, K., & Kraemer, K. L. (2005). Post-adoption variations in usage and value of e-business
by organizations: cross-country evidence from the retail industry. Information Systems
Research, 16(1), 61–84.
Zhu, K., Kraemer, K., & Xu, S. (2003). Electronic business adoption by European firms:
a cross-country assessment of the facilitators and inhibitors. European Journal of
Zhu, K., Kraemer, K. L., & Xu, S. (2006). The process of innovation assimilation by firms
in different countries: a technology diffusion perspective on e-business. Management
Science, 52(10), 1557–1576.
184 Reference
Zhu, Y., Li, Y., Wang, W., & Chen, J. (2010). What leads to post-implementation success
of ERP? An empirical study of the Chinese retail industry. International Journal of
Information Management, 30(3), 265–276.
Zviran, M. (1990). Relationships between organizational and information systems objec-
tives: some empirical evidence. Journal of Management Information Systems, 7(1),
65–84.
Zwass, V. (1992). Management information systems. Dubuque, IA: William C. Brown
Publishers.
Index
Advanced Research Programs research, 62

Agency, 9 role, 3–4
Agile, 53 Agility DataBase Provider (DBPA),
continuous delivery methods, 25–27 87–88
manifesto, 26 Agility Forum, 9
Agile enterprises, 22, 121 Agility management (AM), 72, 103–106
conceptual model for, 75 Align, Plan, and Organize (APO), 48
Agile management paradigm Alpha error. See Type I error
evolution, 18 Amazon, 118
agile continuous delivery methods, Amazon Elastic Compute Cloud
25–27 (EC2), 120
change and uncertainty mastering, Amazon Simple Storage Service (S3),
21 120
change management, 18–20 Artisanal production, 10
work on agility, 21–25 Atapattu and Sedera’s process, 76–78
Agile manufacturing (AM), 4, 10–11, Attainment model, 102–103
13–14, 20–22 Attributes of agility, 25
enterprise, 24 Automation, 5
paradigm, 73 Autonomy of enterprise application,
structure, 23 36–37, 40
Agility, 1–3, 9–10, 20, 23, 61–62, 97, Awareness, 132, 142
119, 129. See also Business
Block, 60
agility; Information system
Board of Directors, 43
(IS)
Build, Acquire, and Implement
attributes and skills, 25
(BAI), 48
background of significant changes
Business
underlying, 10–13
capability, 83
competencies and skills of IS
competition, 13
professionals, 65 objectives method, 95
components, 81 practices, 1
definitions, 69–70 Business agility, 5. See also Agility
dimensions, 10 through CRM for customer
drivers, 75, 81–82 satisfaction, 77–78
factors, 23, 24 IT as business agility obstacle, 4–5
ISD, 65 IT at service of, 5
of IT infrastructure design, 66
in ITSM, 96–99 Cabled IT architectures, 4
production modes development Capability Maturity Model (CMM),
and agility paradigm, 12 49, 54
186 Index
Capability Maturity Model Competencies of IS professionals, 65

Integration (CMMI), Competitive pressure, 133
42–43, 53–55 Complexity, 131, 141
Capability of IS Agility, 81 factors, 40–41, 141
CapEx, 121 Conceptual model
Cascade Development, 26 to achieve IS agility, 84–85
CEO, 1, 5, 43 for agile enterprise, 75
Change DBPA, 87–88
in entrepreneurial organization, 21 level of agility need, 88–89
management, 18–20 proposed model contribution, 89–90
Change Management Advisory security policy, 89
Boards (CABs), 51 sensing, 85–87
CIO, 30, 41, 43 for supply chain agility, 76
Cloud computing, 117–118 Consumer demands, 10
adoption determinants, 7 Continual quality improvement, 110
combining DOI and TOE, 125, 128 Continuous improvement, 19
factors studied influencing cloud Control activities, 57
adoption, 126–127 “Control and control” type services, 94
goals and objectives of research Cost-savings, 130, 140
study, 119–120 Crocitto and Youssef’s process, 73–74
impact on information systems Customer Relationship Management
agility, 146–147 (CRM), 30
literature review, 120–121 business agility for customer
quantitative methodology, 135–150 satisfaction, 77–78
research methods, 133–135
research model and hypotheses, Dashboards, 42
128–133 Data
studies, 122–123 analysis, 109–110
theoretical foundation, 121, 124–125 collection, 107, 135
Cloud System (HP), 131 processing systems, 30
Cloud-hosted services, 42 sovereignty, 133, 142
“Cloud” metaphor, 120 Decision-making system, 34
COBIT, 42, 45–50, 94, 99 Deliver, Service, and Support (DSS), 48
COBIT 2019, 49–50 Demographic information, 145
COBIT 5 PRM, 48–49 Department of Defense, 3
Cocreation, 52 Department of Information Systems, 67
Commercial and competitive sensing, 86 Deployment pipeline, 26
Committee of Sponsoring Developing Improvement Action
Organizations of Treadway Plans, 111–112
Commission (COSO), 44, DevOps, 26, 50–51, 53, 95, 97, 98,
55–57 105–106, 113
Communication, 57 agility, 104
Company information systems, 42 ITSM maturity model, 107
Company strategy, 38–40 Diffusion of innovation (DOI), 120,
Compatibility, 61, 131, 140 124–128
Competence, 132, 142 Digital technology, 42
Index 187
Discover Do, Act, and Optimize Firm size, 132

(DDAO), 110–114 First generation information systems, 29
Distribution of enterprise application, Flat Business-IT alignment, 4
37 Flexibility, 1, 10, 42, 59, 60–61
Dynamic capacity, 19 Flexible manufacturing, 10
Dynamism of enterprise application, Fourth industrial revolution. See
38, 40–41 Industry 4.0
EIS governance, 42–47. See also General Electric (GE), 1

Enterprise Information GoGrid, 120
Systems (EISs) Google, 117, 118
CMMI, 53–55 Google AppEngine, 120
COBIT, 47–50 Guiding principles, 53
COSO, 55–57 Gunasekaran and Yusuf’s process,
LIBRARY, 51–53 72–73
Elastic Cloud (Oracle), 131
Enterprise application Heterogeneity, 40
autonomy, 36–37 Heterogeneity of enterprise
characteristics, 35 application, 37
concepts, 35–36 Hypobook, 145
dimensions, 36
distribution, 37 IBM, 117
dynamism, 38 Industry 4.0, 13, 41
features, 35–36 Information, 57
heterogeneity, 37 Information system (IS), 30, 33–35,
Enterprise information systems 68. See also Enterprise
(EISs), 2, 33, 35. See also Information Systems (EISs)
Information system (IS) complexity factors, 40–41
and company strategy, 38–40 definition and objective, 32–33
complexity, 40 enterprise application, 35–36
evolution of, 41–42 evolution, 31
Enterprise risk management (ERM), 56 factors influencing, 71
Enterprise size factor, 141–142 integration to improve supply
Entrepreneurial organization, 21 chain agility, 80
Environmental context, 133, 142 resources, 34
Evaluate, Direct, and Monitor structure, 33
(EDM), 48 systemic view of company and
Event identification, 56 environment, 32, 35
Event management, 51 urbanization of, 59–60
Everyday computing, 31 Information system agility (IS agility)
Evolution, 40–41 Atapattu and Sedera’s process, 76–78
agile management paradigm, capability, 81
18–27 cloud computing impact on, 146–147
of EISs, 41–42 critic’s, 80–81
of IS, 31 Crocitto and Youssef’s process, 73–74
of production modes, 15 discussion, 79–80
188 Index
Gunasekaran and Yusuf’s process, Infrastructure as a Service (IaaS),

72–73 120, 149–150
Lin, Chiu, and Tseng’s process, Innovation
74–75 characteristics, 129–131, 136,
Morton, Stacey, and Mohn’s 140–141
process, 78 management, 10
Park, El Sawy, and Fiss’s process, 78 Internal control model, 55
Ramesh, Mohan, and Cao’s Internal environment, 56
process, 75–76 Internet, 30–31
Swafford, Ghosh, and Murthy’s Internet of Things (IoT), 42
process, 75 Interview design, 144
types of research components, 83 ISO 2000, 99
Wu’s process, 78–79 ISO 20000, 94
Zhang and Sharifi’s process, 72 ISO/IEC 15504 PCM, 49
Information systems development IT Governance Model
(ISD), 65 dimension, 46
Information Systems’ Audit and extended, 45
Control Association ITSM Maturity Assessment
(ISACA), 47 Interview, 153–157
Information technology (IT), 1,
29–31, 117 Just in time principles (JIT
agility, 1–2, 5–6, 58 principles), 4, 11, 15–16
agility management, 101
asset management, 100–101 “Key informant” approach, 135
as business agility obstacle, 4–5 Killer application, 29
contributions and relevance, 6–7 Knowledge, 22
infrastructure design, 66 Knowledge management systems
research design, 6 (KMS), 32
research objective, 5–6
security management, 101 Lean, 10, 53, 98
service management, 100 manufacturing, 10–11, 14–17
service management tools, 93 operations, 25
at service of business agility, 5 production, 4
Information Technology Service LIBRARY (ITIL), 43–46, 51, 94, 99
Management (ITSM), 6, ITIL 4 Edition, 98
93–96 of ITIL v4 Structure, 52–53
agility in, 96–99 Lin, Chiu, and Tseng’s process, 74–75
assessment score, 110
audit score, 110, 111 Management information system
continual IT improvement, 114 (MIS), 30, 34
Devops ITSM Maturity Model, 107 Management services, 30
maturity score, 111 Manufacturing Trilogy of JIT, TQ,
use case, 106–115 and TI, 15–16
Information technology/information Mass production, 10–11
system (IT/IS), 60–61 Maturity, 102–103
Index 189
Maturity Assessment Roadmap, 158 Production method trends, 13–14

Measurement model, 135 evolution of production modes, 15
Microsoft, 118 lean manufacturing, 14–17
Microsoft Azure, 120 quality management, 17–18
Modern information system Project management, 54
efficiency, 33 Proposed ITSM framework, 108
Monitor, Evaluate, and Assess agility management, 103–106
(MEA), 48 attainment model, 102–103
Monitoring, 57 capabilities, 100–101
Morton, Stacey, and Mohn’s continual quality improvement, 110
process, 78 maturity profile, 99, 102
overview, 99
Neighborhood, 60
Quality management, 17–18
Objective setting, 56 Quantitative methodology
Open standards-based information cloud usage by deployment
systems, 5 model, 148
Operating system, 34 combined frequency distributions,
Opportunity management, 10 149
Organizational agility (OA), 73 data collection, 135
model, 74 discussion and interpretations, 142
Organizational context, 132, 141–142 environmental context, 142
Organizational strategy, 39 finding, 136, 140–141
Organizations, 33 Hypobook, 145
mean and standard deviation, 400
Parametric tests, 145 measurement model, 135
Park, El Sawy, and Fiss’s process, 78 organizational context, 141–142
Personnel capability, 83 qualitative study, 142–145
Piloting system, 34 quantitative factors, 137–139
Plan-do-check-act (PDCA), 99 result discussion, 149–150
Platform as a Service (PaaS), 120, 149 results, 135–136
PMBOK, 47 results, 148
Practices, 53 technology readiness, 141
Practitioner principles, 53 Questionnaire design, 144–145
Privacy, 130
Process, Organization, Information, Rackspace, 120
Resource, and Environment Ramesh, Mohan, and Cao’s process,
(POIRE), 76 75–76
Process, Technology, Manpower Rational Unified Process, 26
(people), Organization, and Relative advantage, 130
Security, 94 Research model and hypotheses, 128
Process Capability Model (PCM), 49 environmental context, 133
Process Maturity Framework innovation characteristics, 129–131
(PMF), 95 organization context, 132
Process Reference Model (PRM), 48 technological readiness, 131
190 Index
Responsible, Accountable, Consulted, conceptual model for supply chain

and Informed matrix agility, 76
(RACI matrix), 48 IS integration to improve, 80
Risk Swafford, Ghosh, and Murthy’s
assessment, 56 process, 75
response, 56
Robotics, 42 Taylorism, 11
Team Involvement (TI), 15–16
Salesforce, 120 Technical capability, 81
Sample size, 143 Technological readiness, 131, 141
Sarbanes-Oxley (SOX), 45 Technology, 106
Scientific sensing, 86 TOE, 121, 124–128
Scrum, 25–26 Top management support, 132
Security, 130 Total Quality (TQ), 15–16
policy, 89 Total Quality Management
Security policy for IS (PSIS), 90 (TQM), 17–18, 22
Sensing, 85 Toyota Kata, 26–27
phase, 88 Trust, 130
types, 86–87 Twenty-first century Enterprise
Service Desk, 51 Manufacturing Strategy
Service management dimensions, 52 Report, 20
Service Strategy process, 95 21st Century Manufacturing
Service value chain (SVC), 52 Enterprise Strategy, 3–4, 14
Service Value System (SVS), 52, 98 Type I error, 143
Single point of contact (SPOC), 100 Type II error, 143
Skills
of agility, 25 Uncertainty mastering in
of IS professionals, 65 entrepreneurial
Social media sensing, 86–87 organization, 21
Societal sensing, 86 Urbanization, 57
Software as a Service (SaaS), 121, 149 of information system, 59–60
Software Development, 80 metaphor of city, 57–59
Software Engineering Institute US Department of Defense
(SEI), 49, 54 (DoD), 54
Spotify, 53
Steel Manufacturing Enterprise Value, 52
(SMC), 95 Value-added production, 14
Strategic agility
executive IT leaders to, 79 Work on agility, 21–25
ITSM, 93–99, 106–115 World Wide Web, 30
proposed ITSM framework, 108–110 Wu’s process, 78–79
Strategic information systems, 31
Strategic sensing, 86–87 Zhang and Sharifi’s process, 72
Supply chain agility Zone, 60

O'Sullivan, K. (2008) - Strategic Knowledge Management in Multinational Organizations. IGI Global.

Uploaded by

Copyright:

Available Formats

O'Sullivan, K. (2008) - Strategic Knowledge Management in Multinational Organizations. IGI Global.

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

O'Sullivan, K. (2008) - Strategic Knowledge Management in Multinational Organizations. IGI Global.

Uploaded by

Copyright:

Available Formats

Strategic Information System Agility

This page intentionally left blank

United Kingdom – North America – Japan – India – Malaysia – China

First edition 2021

Copyright © 2021 Emerald Publishing Limited

Reprints and permissions service

No part of this book may be reproduced, stored in a retrieval system, transmitted in

British Library Cataloguing in Publication Data

ISBN: 978-1-80043-811-8 (Print)

List of Tables xiii

4.4 IS Agility Frameworks72

6.4 The Theoretical Foundation121

Fig. 1. The Overall Structure of the Book. 7

Fig. 37. DevOps Agility: Aligning People, Technology, and

Table 1. Research Questions. 6

ISSP Information Systems Security Policy

Strategic Information System Agility: From Theory to Practices, 1–8

1.2 Why Agility Now?

organization’s resources. To maintaining its competitiveness and perseverance

1.3 The Agility Role

1.4 IT as a Business Agility Obstacle

1.5 IT at the Service of Business Agility

1.6 Research Objective

Table 1 presents an overview of the sub-research questions in this study and

Table 1. Research Questions.

Research Question Chapter Number

1.7 Research Design

1.8 Contributions and Relevance

⦁⦁ The first contribution of this research is the literature review on IT agility. It is

⦁⦁ The third contribution identifies the determinants of cloud computing

1.9 Book Organization

Part 2: Review of literature and practice

Part 3: IS Agility Frameworks

Chapter IV Chapter V Chapter VI

Part 4: Conclusion and Future Works

Conclusion and open

Fig. 1. The Overall Structure of the Book.

Understanding Agility Concept

The ability to succeed in continuous and often unexpected environ-

Strategic Information System Agility: From Theory to Practices, 9–27

⦁⦁ Lean manufacturing: Eliminates waste and minimizes resource use.

⦁⦁ Outputs: “solution” products that enrich the customer.

2.2 Background of Significant Changes Underlying Agility

Its engagement for waste disposal. This is achieved by combining

Fig. 2. The Production Modes Development and Agility Paradigm.

Therefore, if the emergence of AM is above all correlated with changes in

2.3 Production Method Trends

2.3.1 Lean Manufacturing

Its engagement for waste disposal. This is achieved by combining

Fig. 3. The Evolution of Production Modes.

Fig. 4. The Manufacturing Trilogy of JIT, TQ, and TI.

lean company also requires supplier participation, distribution logistics, efficient

⦁⦁ the use of half the space;

To understand the lean production paradigm, Sharp et al. (1999) developed a

⦁⦁ a focus on the client’s interests;

2.3.2 Total Quality Management

Fig. 5. A Model of a TQM System Source.

2.4 Agile Management Paradigm Evolution

2.4.1 Change Management

List of Tables xiii

4.4 IS Agility Frameworks72

6.4 The Theoretical Foundation121

Fig. 1. The Overall Structure of the Book. 7

Fig. 37. DevOps Agility: Aligning People, Technology, and

Table 1. Research Questions. 6

ISSP Information Systems Security Policy