Exploring the importance and implementation of COBIT processes in Saudi organizations: An empirical study

Abstract

Purpose The purpose of this paper is to explore the importance and implementation of the Control Objectives for Information and Related Technology (COBIT) processes in Saudi organizations. Design-methodology-approach An empirical survey, using a self-administered questionnaire, was conducted to achieve this purpose. A total of 500 questionnaires were distributed to a selected sample of organizations in Saudi Arabia. Of these, 127 valid questionnaires – representing 25.4 percent response rate – were collected and analyzed using the Statistical Package for Social Sciences (SPSS) version 16. Findings The results of this paper reveal that the majority of respondents perceive the importance of the COBIT processes and domains, but a lower percentage believe that such processes are adequately implemented in their organizations. It is observed that banks, financial institutions, and service organizations show more concern and application of COBIT processes compared with other organizations. The results also reveal that IT specialists, internal auditors, and executive managers perceive and appreciate the importance of COBIT processes more than the others. Practical implications The results of this paper will enable Saudi organizations to better understand, implement, evaluate, and manage information technology governance (ITG) for their businesses success. The paper provides useful information for executive managers, IT managers, accountants, auditors, and academics to understand the implementation phase and impact of COBIT on ITG in Saudi organizations. Originality-value The paper provides useful information for executive managers, IT managers, accountants, auditors, and academics, to understand the implementation phase and impact of COBIT on ITG in Saudi organizations. © 2009, Emerald Group Publishing Limited