Using Analytical Hierarchy Process (AHP) to Evaluate Barriers in Adopting Formal IT Governance Practices

Mohd Fairuz Iskandar Othman, Naim Che Pee, Yahaya Abdul Rahim, Hamzah Asyrani Sulaiman, Mohd Azlishah Othman, Mohamad Zoinol Abidin Abd. Aziz


The adoption of formal standards and frameworks that facilitate effective IT Governance (ITG) continues to be an important issues by todays’ CIO’s. Organisations continue to focus their attention on adopting these formal ITG practices. However, the adoption of formal ITG practice can be a major challenge due to the existence of several barriers. Therefore, this work aims to identify and evaluate barriers related to the adoption of formal ITG practice. A total of 10 barriers in adopting formal ITG practice are listed through literature and expert inputs. The listed barriers are then evaluated to determine their relative importance using an Analytical Hierarchy Process (AHP) technique. The usefulness of the proposed work is shown by taking the case example of a financial sector organisation in Malaysia. According to the findings, the category of barriers related to “Organisational factors” was attributed the highest importance among other barriers in adopting formal ITG practices. Overall, the purpose of this work is to aid managers and practitioners through important insights as well as support their decision-making in terms of managing formal ITG practice implementation issues in the financial sector, in an effective and efficient manner.


Adoption Barriers; Analytical Hierarchy Process (AHP); Financial Institutions; Formal ITG Practice;

Full Text:



E. M. Rogers, Diffusion of Innovations, 4th ed. New York, NY: Free Press, 1995.

E. L. Psomas, C. V. Fotopoulos, and D. P. Kafetzopoulos, "Motives, difficulties and benefits in implementing the ISO 14001 Environmental Management System," Management of Environmental Quality: An International Journal, vol. 22, pp. 502-521, 2011.

V. V. Fomin, L. Kaunas, H. J. de Vries, and Y. Barlette, "ISO/IEC 27001 Information Systems Security Management Standard: Exploring the Reasons for Low Adoption," in 3rd European Conference on Management Technology, Nice, France, 2008.

B. Abu Saad, F. A. Saeed, K. Alghathbar, and B. Khan, "Implementation of ISO 27001 in Saudi Arabia - Obstacles, Motivations, Outcomes and Lessons Learned," in 9th Australian Information Security Management Conference, Perth, Western Australia, 2011, pp. 1-9.

M. A. Delmas, "Barriers and Incentives to the Adoption of ISO 14001 by Firms in the United States," Duke Envtl. L. & Pol'y F., vol. 11, p. 1, 2000.

J. W. Thomas, S. Probets, R. Dawson, and T. King, "A Step Towards the Adoption of Standards Within the UK Ministry of Defence," International Journal of IT Standards & Standardization Research, vol. 6, p. 55, 2008.

M. Vogt, P. Küller, D. Hertweck, and K. Hales, "Adapting IT Governance Frameworks using Domain Specific Requirements Methods: Examples from Small & Medium Enterprises and Emergency Management," in 17th Americas' Conference on Information Systems (AMCIS), Detroit, MI, 2011.

P. Kuller, M. Vogt, D. Hertweck, and M. Grabowski, "IT Service Management for Small and Medium-Sized Enterprises: A Domain Specific Approach," Journal of Innovation Management in Small & Medium Enterprises, vol. 2012, p. 17pp, 2012.

M. Winniford, S. Conger, and L. Erickson-Harris, "Confusion in the Ranks: IT Service Management Practice and Terminology," Information Systems Management, vol. 26, pp. 153 - 163, 2009.

M. Hsu, "The challenges of implementing the ITIL Problem Management process in IT support organisations," Masters, School of Information Management, Victoria University of Wellington, Victoria, 2011.

B. O'Donohue, G. Pye, and M. J. Warren, "The Impact of ICT Governance within Australian Companies," in Information Technology Governance and Service Management: Frameworks and Adaptations, ed: IGI Global, 2009, pp. 163-177.

M. F. I. Othman, T. Chan, and G. Timbrell, "Barriers to Information Technology Governance Adoption: A Preliminary Empirical Investigation," in 15th IBIMA Conference on Knowledge Management and Innovation: A Business Competitive Edge Perspective, Cairo, Egypt, 2010.

M. F. I. Othman, T. Chan, and E. Foo, "IT Governance Adoption in Malaysia: A Preliminary Investigation," in 22nd Australasian Conference on Information Systems (ACIS), Sydney, Australia, 2011, p. 69.

M. Marrone, "ITIL and the Creation of Benefits: An Empirical Study on Benefits, Challenges and Processes," in 18th European Conference on Information Systems, Pretoria, South Africa, 2010, p. 66.

S. S. C. Shang and S. F. Lin, "Barriers to Implementing ITIL-A MultiCase Study on the Service-based Industry," Contemporary Management Research, vol. 6, pp. 53-70, 2010.

A. Cater-Steel, M. Toleman, and W. G. Tan, "Transforming IT Service Management – The ITIL Impact," in 17th Australasian Conference on Information Systems, Adelaide, Australia, 2006.

M. Sharifi, M. Ayat, A. A. Rahman, and S. Sahibudin, "Lessons Learned In ITIL Implementation Failure," in International Symposium on Information Technology (ITSim 2008), 2008, pp. 1-4.

M. L. Markus, "Power, politics, and MIS implementation," Communications of the ACM, vol. 26, pp. 430-444, 1983.

L. Lapointe and S. Rivard, "A Multilevel Model of Resistance to Information Technology Implementation," MIS Quarterly, vol. 29, pp. 461-491, 2005.

J. Bhattacharjya and V. Chang, "Adoption and Implementation of IT Governance: Cases from Australian Higher Education," in Information Technology Governance and Service Management: Frameworks and Adaptations, ed USA: Information Science Reference, 2008, pp. 82-100.

A. Subramanian and S. Nilakanta, "Organizational Innovativeness: Exploring the Relationship between Organizational Determinants of Innovation, Types Of Innovations, And Measures of Organizational Performance," Omega, vol. 24, pp. 631-647, 1996.

R. A. Wolfe, "Organizational Innovation: Review, Critique and Suggested Research Directions," Journal of Management Studies, vol. 31, pp. 405-431, 1994.

J. Bhattacharjya and V. Chang, "An Exploration of the Implementation and Effectiveness of IT Governance Processes in Institutions of Higher Education in Australia," in IT Audit - Strategic Measures for Performance, Value & Quality, B. Cusack, Ed., ed Auckland, New Zealand, 2006, pp. 153-163.

M. A. Massoud, R. Fayad, M. El-Fadel, and R. Kamleh, "Drivers, barriers and incentives to implementing environmental management systems in the food industry: A case of Lebanon," Journal of Cleaner Production, vol. 18, pp. 200-209, 2010.

R. Hillary, "Environmental management systems and the smaller enterprise," Journal of Cleaner Production, vol. 12, pp. 561-569, 2004.

P. J. DiMaggio and W. W. Powell, "The Iron Cage Revisited: Institutional Isomorphism and Collective Rationality in Organizational Fields," American Sociological Review, vol. 48, pp. 147-160, 1983.

A. Gillies, "Improving the quality of information security management systems with ISO27000," The TQM Journal, vol. 23, pp. 367-376, 2011.

K. Mathiyazhagan, K. Govindan, A. NoorulHaq, and Y. Geng, "An ISM approach for the barrier analysis in implementing green supply chain management," Journal of Cleaner Production, vol. 47, pp. 283- 297, 2013.

J. Wan, Q. Jiang, and Y. Zhu, "Research on Core Essential Elements for O2O Business Model with ANP," 2016.

J. Chen, "Studies on Economic-risk Assessment in China's Regional Industrial Transferring: Based on Improved TOPSIS Model," Studies, vol. 5, pp. 26-2012, 2012.

H.-b. Shi, H. Li, L. Liu, and L. Wang, "Sorting Online Reviews by Usefulness Based on the VIKOR Method," in WHICEB, 2012, p. 38.


  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.

ISSN: 2180-1843

eISSN: 2289-8131