Exploring COBIT Processes for ITG in Saudi Organizations An empirical Study

Control Objectives for Information and Related Tech nology (COBIT) has become one of the most important guidelines for information te chnology governance (ITG), which provides organizations with a useful tool to start evaluatin g their own ITG systems. COBIT introduces an ITG framework and supporting toolset that allows IT managers to bridge the gap between control requirements, technical issues and business risks. The objective of this study is to investigate the formality, auditing, responsibility and accountabil ity of implementing COBIT processes for ITG in Saudi organizations. An empirical survey, using a s elf-administered questionnaire, was conducted to achieve these objectives. Five hundred questionn a res were distributed to a sample of Saudi organizations in a selected number of Saudi cities. One hundred and twenty seven valid questionnaires – representing a 25.4 percent respon se rate –were collected and analyzed using the Statistical Package for Social Sciences (SPSS) vers ion 16. While the results of the study reveal that the majority of respondents reported that implement ing ITG COBIT processes and domains is the responsibility of IT departments in Saudi organizat ions, most of the respondents reported that the COBIT processes and domains are neither audited nor formally conducted in their organizations. From a practical standpoint, managers and practitio ners alike stand to gain from the findings of this study. The study provides useful information f or senior management, IT managers, accountants, auditors, and academics to understand the implementation phase and the impact of COBIT on ITG in Saudi organizations.