1844
E-Business Process Management and IT Governance
specify business activities as business processes,
and without realizing these tend to be e-business
processes. However, given the current business
conditions and a clear understanding by organiza-
tions about the complexities of their e-business
processes, management of e-business processes
is taking center stage (Smith et al., 2002). In
the current business scenario where e-business
processes, along with information are considered
key organizational assets and management of
business processes a strategic capability (Kalakota
& Robinson, 2003), it is imperative that organiza-
tions clearly delineate the need for relevant and
pertinent information as it provides visibility and
transparency. Additionally, IT being the single
most important predictor of the business value
of IT (Weill & Ross, 2004) drives the need to
analyze and understand the implications of e-BPM
on IT governance.
The key objective of this article is to investi-
gate the implications of e-BPM on IT governance
through the analysis of available literature. In
SDUWLFXODUWKHDUWLFOHDUJXHVWKDWDGLUHFWLQÀX-
ence of e-BPM on IT governance performance is
inevitable. While the importance of both effective
e-BPM and IT governance is intuitively clear,
there is currently little research on elements of
IT governance that get enabled by e-BPM. More
importantly, there is the lack of a theoretical

framework that could be used to analyze. To ad-
dress this shortcoming, the article also presents
an analysis framework. The analysis framework
is particularly useful as it incorporates elements
from prevalent IT governance frameworks. Using
the analysis framework, the article then examines
the implications of e-BPM on IT governance
and develops research propositions. The aim of
developing the propositions is to enable further
investigation and research thereby contributing
to IT management theory.
BACKGROUND
E-BPM and Its Current State of
Adoption
E-BPM views business processes from an end-
to-end perspective (Smith & Fingar, 2003).
Successful e-BPM adoption views end-to-end
processes as a crucial element as these possess
characteristics that make their management
imperative and technology has not been able to
cope with the reality to such processes (Smith et
al., 2002). According a survey conducted by the
BPM Institute, the three most critical factors that
enable organizations to gain the highest return on
BPM initiatives are (BPM Institute, 2004):
• Identification of high value e-business
processes in areas such as compliance and
regulatory requirements, risk management,
customer-facing services and supply chain
operations.

• Developing metrics to achieve measurable,
TXDQWL¿DEOHUHVXOWVWKURXJKLPSURYHPHQWV
LQRSHUDWLRQDOHI¿FLHQF\SURFHVVYLVLELOLW\
and control and business agility (Weill,
Subramani, & Broadbent, 2002).
• Establishment of long-term goals to evolve
from process improvement to process excel-
lence.
It is obvious that organizations to be effective
in addressing all the three critical factors men-
tioned above must have a high level of e-process
management capability. In order to enhance their
e-process management capability organizations
must address it from dimensions that include the
levers that have the ability to make the capabil-
ity change happen and the capability levels itself
(Fisher, 2004).
1845
E-Business Process Management and IT Governance
IT Governance
Firms manage their key assets that typically in-
FOXGH²KXPDQDVVHWVSK\VLFDODVVHWV¿QDQFLDO
assets, intellectual property assets, relationship
assets, and information/information technology
assets. Maturity across the governance of the
NH\ DVVHWV YDULHV VLJQL¿FDQWO\ ZLWK ¿QDQFLDO
and physical assets typically best governed and
information assets among the worst (Weill &
Ross, 2004). IT implementations to make these
happen require both large upfront and ongoing

investments. Changing business needs and to
some extent changing technologies necessitates
this (Weill & Ross, 2004). Organizations must
get acceptable value from their investments in IT.
Top performing organizations generate returns on
their IT investments up to 40% more than their
competitors (Weill & Broadbent, 1998). Effec-
tive IT governance is the single most important
predictor of the value (Weill, 2004; Weill & Ross,
2004).
Developing an Analytical Framework
Two IT governance frameworks (i.e., the CO-
BIT Framework of the IT Governance Institute
(ITGI) and the IT Governance Design Framework
VSHFL¿HGE\WKH0,76ORDQ¶V&HQWHUIRU,QIRUPD-
tion Systems Research (CISR)) are considered
for analyzing the implications of e-BPM on IT
governance.
The CISR IT Governance Design Framework
(Weill & Ross, 2004) takes a two-dimensional
stakeholder approach to IT governance. It consid-
ers IT as one the six key assets needing governance
as part of overall corporate governance. The IT
Governance Design Framework addresses criti-
cal issues along two dimensions presented as the
Governance Arrangement Matrix (Weill 2004;
Weill & Ross, 2004):
• Decision categories: Major categories of
decisions that organizations must make in
order to ensure effective management and

use of IT. These are: (1) IT principles, (2) IT
architecture, (3) IT infrastructure, (4) Busi-
ness application needs and 5) IT investment
and prioritization.
• Governance archetypes: Structures and
stakeholders for specifying decision rights;
WKHIUDPHZRUNLGHQWL¿HVVL[DUFKHW\SHVIRU
various decisions. These are: (1) business
monarchy, (2) IT monarchy, (3) feudal, (4)
federal, (5) duopoly, and (6) anarchy.
ITGI’s COBIT Framework (IT Governance
Institute, 2000a) takes a one-dimensional control
oriented approach to IT governance (IT gover-
nance Institute, 2000a). COBIT is a business
process oriented and therefore addresses itself in
WKH¿UVWSODFHWRWKHRZQHUVRIWKHVHSURFHVVHV
This approach stems from the fact that the process
owners are responsible for the performance of their
processes, where IT is an integral part (IT Gover-
nance Institute, 2000b). The COBIT framework
provides a set of 34 high-level control objectives,
one for each of the IT processes, categorized into
four domains: (1) planning and organization, (2)
acquisition and implementation, (3) delivery and
support, and (4) monitoring.
Additionally, the COBIT Framework provides
management guidelines that are action oriented
and generic management directions for control-
ling the enterprise’s information processes, for
tracking organizational goals, for IT process

performance monitoring and for benchmarking
organizational achievements (IT Governance
Institute, 2000b) through the (1) IT governance
maturity model to assess and benchmark IT
governance capabilities and maturity, (2) criti-
cal success factors that specify the most critical
implementation guidelines to achieve control
over IT processes, (3) key goal indicators that
determine whether an IT process has achieved its
business requirements, and (4) key performance
indicators that indicate how well an IT process is
performing and whether it is on target to achieve
1846
E-Business Process Management and IT Governance
its business goals. Deeper analyses of both frame-
works reveal similar underlying issues. Presented
below is a proposed mapping between the two
frameworks and the underlying commonalities
are amply evident.
• IT Principles: Focuses on high-level state-
ments on how IT is used and maps to PO1,
PO3, PO4, PO6, and PO7 of the COBIT
Framework.
• IT Architecture: Focuses on the orga-
nization logic for data, applications and
infrastructure captured in a set of poli-
cies, relationships and technical choices
to achieve desired business and technical
standardization and integration and broadly
maps to PO2, PO3, PO4, PO10, PO11, DS5,

and DS11 of the COBIT Framework.
• IT Infrastructure: Focuses on coordination
between shared IT services that provide the
foundation for the enterprise IT capabil-
ity and maps to AI1, AI2, AI3, AI4, AI5,
AI6, DS1, DS2, DS3, DS4, DS5, DS7, DS8,
DS9, DS10, DS12, and DS13 of the COBIT
Framework.
• Business Applications Needs:6 S H F L ¿H V W K H 
business need for purchased or internally
developed IT applications and maps to PO6
and PO8 of the COBIT Framework.
• IT Investment: Focuses on decisions about
the how much and where to invest and maps
to PO5, PO9, PO10, PO11, and DS6 of the
COBIT Framework.
This article analyzes the implications of BPM
on IT governance by anchoring it around the above
discussed governance frameworks. This approach
provides three advantages.
1. The governance frameworks, though dif
-
ferent in approaches, provide a fairly clear,
stable and solid specification covering
what, how, and why of IT governance. This
enhances the probability of the analysis to
have the necessary rigor.
2. The governance frameworks are based on
corporate best practices (IT Governance
Institute, 2000a; Weill & Ross, 2004),

thereby making the analysis practical and
pragmatic.
3. To some extent the differences between
the governance frameworks can be bridged
WKURXJKLGHQWL¿FDWLRQRIXQGHUO\LQJFRP-
monalities during the analysis.
Emerging Research Propositions
The COBIT Framework clearly mentions that the
34 high-level IT processes and control objectives
are primarily meant for business process owners
to get relevant and pertinent information about
their core e-business processes (IT Governance
Institute, 2000a). Hence, the business process
owners are the key stakeholders in governing
IT, and that information about core e-business
processes is key to managing IT (IT Governance
Institute, 2000b). On the other hand, the CISR
)UDPHZRUNLGHQWL¿HVPXOWLSOHVWDNHKROGHUVDQG
groups them into six archetypes (Weill & Ross,
2004). Among the archetypes, Federal and
Duopoly forms mention business process own-
HUV(%30E\GH¿QLWLRQLVIRUEXVLQHVVSURFHVV
owners managing their core business processes
(Fingar & Smith, 2003; Smith et al., 2002). Hence
the research proposition is:
Proposition 1: Organizations adopting e-BPM
are more likely to favor either federal or duopoly
governance structures.
Empirical evidence has revealed that most
common archetype is either Federal or Duopoly

(Weill & Ross, 2004). While the positive linkage
between e-BPM and federal archetype has been
discussed above, it is to be noted the successful
e-BPM adoption and implementation depends a
great deal on deploying BPM Systems (Delphi
BPM Market Milestone Report, 2003; Smith et
al., 2002; Smith & Fingar, 2004). This drives the
1847
E-Business Process Management and IT Governance
need for considerable involvement of the IT group
within the organization to assess, select, deploy
and maintain complex BPM Systems. Hence the
research proposition is:
Proposition 2: Adopting e-BPM is likely to encour-
age desirable governing structures thereby posi-
WLYHO\LQÀXHQFLQJ,7JRYHUQDQFHSHUIRUPDQFH
In the wake of Enron, WorldCom, and Tyco
episodes, there has been a renewed interest in cor-
porate governance. This has given rise to increased
compliance and regulatory requirements like the
Sarbanes-Oxley Act (Moeller, 2004) and BASEL
II (Chorfas, 2004). A McKinsey study found
that investors are willing to pay large premiums
IRULQYHVWPHQWVLQ¿UPVZLWKJRRGJRYHUQDQFH
standards. The Organization for Economic Coop-
eration and Development (OECD) has published
LQ  WKH ³2(&' 3ULQFLSOHV IRU &RUSRUDWH
Governance” to help organizations adopt best
practices (OECD, 2004). Corporate governance is
primarily about governance of key organizational

assets, e-BPM on the other hand is about the need
to govern an organization’s core end-to-end busi-
ness processes, a key asset (Hammer & Champy,
1993; Smith & Fingar, 2003). However, typical
business processes are most likely to have ele-
ments from all other key assets. Thus governing
and managing business processes, a core element
in corporate governance, forces organizations to:
 GH¿QH FULWLFDO DQG RSWLPL]HG EXVLQHVV SUR-
cesses that provide maximum customer value, (2)
specify business rules that govern the processes,
GHULYHEXVLQHVVUXOHVIURPFOHDUO\GH¿QHGDQG
documented organizational policies and maintain
complete traceability between them, (4) build clear
accountabilities/decision rights through enhanced
SURFHVVYLVLELOLW\GH¿QHSURFHVVSHUIRUPDQFH
measures (business measures) needed to monitor,
control and improve business processes, (6) de-
¿QHLQIRUPDWLRQQHHGVRIEXVLQHVVSURFHVVHV
Quickly compose and execute newer processes to
meet customer requirements, and (8) benchmark
processes against accepted/derived standards.
Hence the research proposition is:
Proposition 3: Organizations adopting e-BPM
are more likely to have effective corporate gov-
ernance practices.
Organizations expect good process manage-
ment systems to have the capability to quickly
compose e-business processes that deliver cus-
tomer value by allowing them to take advantage

of emerging business opportunities through agile
practices (Kalakota & Robinson, 2003; Sadiq &
Racca, 2003). However, in most occasions, frag-
ments of such end-to-end (composite) business
processes reside in multiple disparate IT applica-
tions and systems (Sadiq & Racca, 2003). Creating
composite e-processes requires BPM systems the
ability to integrate disparate IT applications in a
seamless manner (Sandoe, Corbitt, & Boykin,
2001). Process owners in specifying such com-
posite e-business processes must be fully aware
of the business intent and IT capabilities required
WRIXO¿OOWKHLQWHQW.DODNRWD5RELQVRQ
This results in closer business-IT alignment
(Henderson & Venkatraman, 1993). Hence the
research propositions are:
Proposition 4a: Using BPM systems to enable
process driven integration of disparate IT systems
and applications is more likely to result in clearer
IT principles.
Proposition 4b: Specifying composite e-business
processes through BPM systems is likely to result in
sound expression of business application needs.
Proposition 4c: Organizations with effective pro-
cess management capabilities are likely to make
better decisions regarding IT infrastructure.
The Open Group Architecture Framework
Version 8.1 Enterprise Edition (TOGAF) groups
different aspects of Enterprise Architecture into
1848

E-Business Process Management and IT Governance
four categories. These are business process ar-
chitecture, applications architecture, data archi-
tecture and technology architecture (The Open
Group, 2003). As a guideline in its Architecture
Development Methodology, TOGAF recommends
organizations to develop their business process
architecture prior to specifying the remaining
three architectures (The Open Group, 2003; Zach-
man 1999). This is because of the fact that data,
applications and technology architectures are all
driven by an organization’s process architecture
(Bernus, Nemes, & Schmidt, 2003; Perks & Be-
veridge, 2003). E-BPM fundamentally involves
GH¿QLQJ WKH %XVLQHVV 3URFHVV $UFKLWHFWXUH
SUHIHUDEO\WDNLQJDGYDQWDJHRILQGXVWU\VSHFL¿F
and publicly available process frameworks like
the supply chain operations reference (SCOR)
model and the Enhanced Telecom Operations
Map (eTOM) to enhance process visibility and
transparency and managing those processes in
a continuous manner (Poirier, Ferrara, Hayden,
& Neal, 2004; Smith & Fingar, 2003). Hence the
research proposition is:
Proposition 5: Organizations adopting e-BPM
are likely to make better decisions regarding
their IT architectures resulting in overall robust
enterprise architecture.
2UJDQL]DWLRQV VWUXJJOH LQ ¿QGLQJ VXLWDEOH
PHFKDQLVPVWKDWZRXOG¿WWKHLUUHTXLUHPHQWV

and culture (Grembergen, De Haes, & Gulden-
tops, 2004; Weill & Broadbent, 2004). Generally,
organizations use a multitude of governance
mechanisms. Research has evidenced that certain
governance mechanisms work better with certain
governance structures. Hence, decisions to choose
a certain set of governance mechanisms also
depends on the structures organizations prefer
(Weill & Ross, 2004). Besides, one of the key
leadership principles for effective IT governance is
implementing common governance mechanisms
across the six key assets (Weill & Ross, 2004).
E-BPM demands clear policies, unambiguous
rules, exception handling, optimized processes,
focus on customer value, clear accountabilities,
visibility and transparency, measurement orienta-
tion, and agility (Smith & Fingar, 2003). Hence
the research proposition is:
Proposition 6a: Organizations adopting e-BPM
DUHOLNHO\WR¿QGWKHLU,7JRYHUQDQFHPHFKDQLVPV
more effective and impacting.
Proposition 6b: Adoption of e-BPM in organiza-
tions is likely to facilitate and encourage imple-
mentation of common governance mechanisms.
While several organizations are now start-
ing to adopt e-BPM, there are several areas of
differences in adoption (Delphi BPM Market
Milestone Report, 2003; BPM Institute, 2004).
Some of these include: (1) the fundamental reasons
for adopting e-BPM, (2) the extent of adoption

(i.e., the kinds of business processes impacted,
(3) process governance practices, (4) the extent
to which BPM Systems are part of the overall
adoption, (5) groups within the organization that
are driving adoption, (6) the complexity of the e-
business processes, (7) role of BPM deployments,
(8) extent and complexity of systems integration
desired, (9) extraction and abstraction of business
UXOHV DQGEHQH¿WVDQWLFLSDWHGDQGVRXJKW
With BPM organizations aim to move from their
³DVLVSURFHVVPDQDJHPHQWFDSDELOLW\´WR³WREH
process management capability” (Smith & Fingar,
2004). Hence organizations adopting BPM assess
WKHLU ³DVLV´ DQG ³WREH´ %30 0DWXULW\ EDVHG
RQDVSHFL¿HG%300DWXULW\0RGHO)LVKHU
2004; Smith & Fingar, 2004). Through the earlier
research propositions the paper argued that, in
general good process management capabilities
S R V LW L YH O\ L Q À X H Q F H V , 7 J RYH U Q D Q F H S H U I R U P D Q F H  
Further, effective IT governance is the single
most important predictor of business value of IT
(Weill & Ross, 2004). Hence the overall research
propositions are:
1849
E-Business Process Management and IT Governance
Proposition 7a: Organizations with higher process
management maturity levels are likely to exhibit
higher IT governance maturity levels.
Proposition 7b: Organizations adopting process
management are likely to have more effective IT

governance practices, thereby leading to higher
business value of IT.
FUTURE RESEARCH
It is suggested that research propositions in this
DUWLFOHEDVHGRQWKHRU\DQGH[SORUDWLRQEHYHUL¿HG
ZLWKHPSLULFDOVWXGLHV6SHFL¿FDOO\WKHUHDUHDW
least three areas of theoretical and empirical stud-
ies that seem particularly plausible. These are:
1. Investigating the propositions in a larger
¿HO G V W X G \ W R Y D O L G D W H ZKH W K H U W K H V H S U R S R V L-
tions are applicable and whether they can
be generalized for theory advancement and
development.
2. Investigating the differences in process
management maturity and its impact on IT
governance issues like decision categories,
archetypes, governance mechanisms and
their impact of IT governance performance,
including disadvantages and associated
ULVNVDVSURSRVLWLRQVUHÀHFWJHQHUDOVWDWH-
ments. Such studies should preferably be
longitudinal in nature in order to capture
the long-term impacts in differing business,
market and technology scenarios.
3. Development of a generic IT governance
design framework along with an implemen-
tation toolkit that harmonizes e-BPM with
IT governance.
CONCLUSION
The impact of e-BPM on various aspects of IT gov-

ernance was examined and presented as research
propositions for further exploratory research.
Increasingly being faced with the phenomenon
RI³SURGXFWLYLW\SDUDGR[´%U\QMROIVVRQ
and organizations struggling to justify IT invest-
ments, governance of IT assumes a critical role in
WKLVVFHQDULR+RZHYHUWKH¿UVWVWHSLQKDYLQJD
formal IT governance program and freely using
it to improve the IT function and overall business
performance is the recognition that information
and IT are key organizational assets that need
to be closely governed and skillfully managed
DORQJZLW K¿YHRW KHUNH\DV VHW V%X VL QHVVSU RFH VV
orientation provides one of the approaches to
elevate the status and criticality of information
and IT to an organization. The harmonization of
business processes and IT is natural and logical
in most enterprises because cross functional and
cross enterprise composite business processes are
e-business processes and depend on information
ÀRZVWKDWWUDQVFHQGRUJDQL]DWLRQDOERXQGDULHV
and need to be supported by the IT infrastruc-
ture. The paper discussed the implications of
e-BPM on IT governance in detail and generally
DUJXHGWKDWLWSRVLWLYHO\LQÀXHQFHV,7JRYHUQDQFH
performance and helps organizations to extract
more business value from their IT investments.
7KHDQDO\VLVDOVRSURYHGWREHXVHIXOLQEULHÀ\
comparing and contrasting two prevalent IT
governance frameworks. The underlying theories

in these frameworks allowed deriving several
research propositions.
:KLOHWKHRYHUDOOSRVLWLYHLQÀXHQFHRIH%30
on IT governance were presented and argued,
it is also important to discuss and elaborate the
consequences of taking this approach. Firstly,
as discussed in propositions 2a and 2b, BPM is
likely to favor certain archetypes and decision
mechanisms for IT governance. An organization
on the other hand may not be prepared for such a
shift given its current culture, political environ-
ment and business needs. Hence managers need
t o a s s e ss t h i s a s p e c t v e r y c lo s el y. S e c on d l y, of l a t e
many organizations are using outsourcing of IT
capability as a management strategy, sometimes
1850
E-Business Process Management and IT Governance
successfully. Organizations typically outsource
commodity IT services and perhaps co-source
RWKHU VHUYLFHV2XWVRXUFLQJDVDTXLFN¿[ PR-
tivated by frustrations with IT is a symptom of
problems in IT governance. Managers in such
organization (which seem to be increasing) need
to carefully evaluate the role IT plays in an or-
ganizational context and then seek to address IT
governance issues.
REFERENCES
Bernus, P., Nemes, L., & Schmidt, G. (Eds.).
(2003). Handbook on enterprise architecture.
Berlin: Springer.

BPM Institute. (2004). Assessing the Current
State of BPM Usage-A BPM Institute Executive
White Paper. Northboro, MA.
Brynjolfsson, E. (1993). The productivity paradox
of information technology. Communication of the
ACM, 36(12), 67-77.
Chorfas, D. N. (2004). Operational risk control
with BASEL II-basic principles and capital
requirements. Burlington, MA: Elsevier But-
terworth-Heinemann.
Davenport, T. (1993). Process innovation-reen-
gineering work through information technology.
Boston: Harvard Business School Press.
Delphi Group. (2003). BPM 2003 Market Mile-
stone Report. Boston.
Fisher, D. M. (2004, September). The business
process maturity model-A practical approach
for identifying opportunities for optimization.
BP Trends. Retrieved from rends.
com
Grembergen, W.V. (Ed.). (2004). Strategies for
information technology governance. Hershey,
PA: Idea Group Publishing.
Grembergen, W.V., De Haes, S., & Guldentops,
E. (2003). Structures, processes and relational
mechanisms for IT governance. In W. V. Grem-
bergen (Ed.), Strategies for information tech-
nology governance. Hershey, PA: Idea Group
Publishing.
Hammer, M., & Champy, J., (1993). Reengineering

the corporation-A manifesto for business revolu-
tion. London: Nicholas Brearley.
Henderson, J. C., & Venkataraman, N. (1993).
Strategic alignment-leveraging information
technology for transforming organizations. IBM
Systems Journal, 32(1), 4-16.
IT Governance Institute. (2000a). COBIT 3
rd
Edi-
tion framework. Meadows, IL: IT Governance
Institute.
IT Governance Institute. (2000b). COBIT 3
rd
Edi-
tion Management Guidelines. Meadows, IL: IT
Governance Institute.
Kalakota, R., & Robinson, M. (2003). Services
blueprint-roadmap for execution. Boston: Ad-
dison-Wesley.
Kim, H. M., & Ramkaran, R. (2004). Best practices
in e-business process management-Extending a
re-engineering framework. BPM Journal, 10(1),
27-43.
Moeller, R. (2004). Sarbanes-Oxley and the new
internal auditing rules. New York: John Wiley
& Sons.
The Open Group. (2003). TOGAF (Version 8.1)
Enterprise Edition. San Francisco. Retrieved from

Organization for Economic Cooperation and

Development (OECD) (2004). Principles of Cor-
porate Governance SG/CG (99) 5. Directorate for
Financial, Fiscal and Enterprise Affairs.
Perks, C., & Beveridge, T. (2003). Guide to
enterprise IT architecture. New York: Springer-
Verlag.
1851
E-Business Process Management and IT Governance
Poirier, C., Ferrara, L., Hayden, F., & Neal, D.
(2004). The networked supply chain-applying
breakthrough BPM technology to meet relent-
less customer demands. Boca Raton, FL: J. Ross
Publishing.
Porter, M. (1985). Competitive advantage. Lon-
don: Collier Macmillan Publishing.
Sadiq, W., & Racca, F. (2003). Business services
Orchestration-The Hypertier of information tech-
nology. Cambridge, UK: Cambridge University
Press.
Sambamurthy, V., & Zmud, R.W. (2000). Research
commentary—The organizing logic for an enter-
prise’s IT activities in the digital era-A prognosis
of practice and a call for research. Information
Systems Research, 11(2), 105-114.
Sandoe, K., Corbitt, G., & Boykin, R. (2001).
Enterprise integration. New York: John Wiley
& Sons.
Smith, H., & Fingar, P. (2003). Business process
management—The third wave. Tampa, FL:
Meghan-Kiffer Press.

Smith, H., & Fingar, P. (2004, July). Process Man-
agement Maturity Models. BP Trends. Retrieved
IURPKWWSZZZESWUHQGVFRPSXEOLFDWLRQ¿OHV
07%2D04%20COL %20Maturity%20Models%
2D%20Smith%2DFingar %2Epdf
Smith, H., Neal, D., Ferrara, L., & Hayden, F.
(2002). The emergence of business process man-
agement. CSC Research Services. Retrieved from

Weill, P. (2004). Don’t just lead, govern—How
WRSSHUIRUPLQJ¿UPVJRYHUQ,7&,65:RUNLQJ
Paper No. 341.
Weill, P., & Broadbent, M. (1998). Leveraging
the new infrastructure—How market leaders
capitalize on information technology. Boston:
Harvard Business School Press.
Weill, P., & Ross, J. W. (2004). IT governance
How top performers manage IT decision rights
for superior results. Boston: Harvard Business
School Press.
Weill, P., Subramani, M., & Broadbent, M. (2002).
IT infrastructure for strategic agility. MIT Sloan
Management Review, 44(1), 57-65.
Zachman, J. A. (1999). A framework for informa-
tion systems architecture. IBM Systems Journal,
38(2&3), 454-470.
KEY TERMS
COBIT: The COBIT (Control OBjectives for
Information and related Technologies) is an IT
*RYHUQDQFH)UDPHZRUNVSHFL¿HGE\WKH,7*RY-

ernance Institute. The COBIT model describes the
³FRQWUROREMHFWLYHV´IRU,7SURFHVVHVDQGWKH
management guidelines, implementation guide-
l i n e s a n d o u t c o m e m e a s u r e s f o r t h e p r o c e s s e s .
Governance Archetype: Archetypes typi-
cally involve various stakeholder constituencies
and their decision rights within the purview of
IT governance.
Governance Decisions: These represent the
most crucial domains of IT decisions that are key
t o g o o d I T g o ve r n a n c e , a n d i n c l u d e s I T p r i n c i p l e s ,
IT architecture, IT infrastructure, Business ap-
plication needs and IT investment management.
Governance Mechanism: These are ap-
proaches adopted by organizations to implement
and institutionalize governance structures and
practices.
IT Governance: The decision rights and
accountability framework to encourage desir-
able behaviors in the use of IT (Weill & Ross,
2004). The locus of enterprise decision-making
authority for core IT activities (Sambamurthy &
Zmud, 2000).
1852
E-Business Process Management and IT Governance
IT Governance Maturity Model: This is
part of the COBIT management guidelines and
LVD¿YHVWDJHPDWXULW\PRGHORI,7JRYHUQDQFH
and a series of tool kits, audit guidelines and
implementation guidelines. The levels ranging

IURP³QRQH[LVWHQW´WR³RSWLPL]HG´UHSUHVHQW
progressively higher degree of effective gover-
nance practices and processes.
This work was previously published in Encyclopedia of E-Commerce, E-Government, and Mobile Commerce, edited by M.
Khosrow-Pour, pp. 272-278 , copyright 2006 by Information Science Reference (an imprint of IGI Global).
1853
Copyright © 2009, IGI Global, distributing in print or electronic forms without written permission of IGI Global is prohibited.
Chapter 6.9
A Prototype E-Business
Model to Create a Competitive
Advantage in SMEs
S. Pavic
8QLYHUVLW\RI6KHI¿HOG8.
M. Simpson
8QLYHUVLW\RI6KHI¿HOG8.
S. C. Lenny Koh
8QLYHUVLW\RI6KHI¿HOG8.
ABSTRACT
This study explores new ways for SMEs to cre-
ate a competitive advantage through the use of
e-business. It examines the level of ICT use in
60 ( V D Q G L G H Q W L ¿ H V W K H G U LY H U V D Q G E D U U L H U V Z K L F K 
owners/managers face in adopting e-business.
Furthermore, it explores the degree of awareness
amongst SMEs of the opportunities available to
them for developing their employees, their busi-
ness strategies, and their attitudes toward the range
of initiatives and options, on the use of e-business.
Industry behaviour and organisational culture in
relation to the creation of competitive advantage

through e-business also are explored. Case studies
and literature review are used to collect informa-
tion from and about SMEs in the UK. The results
of these are employed to propose a prototype
EXVLQHVVPRGHOQDPHG&$7(E±³&RPSHWLWLYH
Advantage Through e-business.”
INTRODUCTION
The economic environment in which businesses
¿QGWKHPVHOYHVWRGD\LVSHUKDSVWKHPRVWWXUEXOHQW
LQKLVWRU\,WLVGRPLQDWHGE\WKUHHSRZHUIXOLQÀX-
ences: globalisation, knowledge and information
revolution, and structural change of organisa-
tions (Booz Allen Hamilton, 2002). Therefore,
in this new era of the e-economy, the traditional
starting point for strategic business thinking in