Towards better IT governance: A comprehensive IT internal control model for information technology firms

Abstract

Purpose- The primary objective of this study is to enhance IT governance within the information technology sector by developing a comprehensive IT Internal Control Model. This model is designed to address the unique and evolving challenges in IT internal control processes, providing a structured approach to risk optimization, resource optimization, and benefit management. By introducing this model, the study aims to offer IT firms a robust internal control model that can be adapted to their specific operational needs, promoting a more effective, efficient, and resilient IT governance structure. Methodology- A thorough literature review, incorporating a wide array of international sources, forms the foundation of this study. The research involved designing an IT Internal Control Model, informed by the processes observed at THY Technology. This model was then applied across 12 distinct operational processes, and feedback from stakeholders was systematically gathered through surveys to evaluate its practicality and impact. Findings- The feedback from stakeholders was predominantly positive, underscoring the model’s efficacy in bolstering IT governance. The model was praised for its thoroughness and adaptability, successfully addressing a broad spectrum of IT internal control issues while remaining flexible enough to be tailored to various IT environments. Conclusion- This study highlights the importance of dynamic and adaptable IT internal control model in the fast-paced technology sector. The developed IT Internal Control Model opens new avenues for research into effective governance practices and provides a valuable blueprint for IT firms seeking to enhance their governangfce and control mechanisms in a digitally-driven world. Keywords: IT internal control model, internal control, IT governance, IT compliance, continuous improvement JEL Codes: M15, M19, M42