2013 Proceedings of PICMET '13: Technology Management for Emerging Technologies.

IT Governance Implementation in Corporate Environments:

A Case Study of an International Hospital in Thailand
Sureerat Saetang, Abrar Haider
University of South Australia, Australia
Abstract--In the period of economic confusion and public
policy turmoil, the business community loses confidence and
feels uncertain in its own positions, in public, and in broader
view. Organizations, thus, seek the way to govern themselves
more effectively and truly to be held accountable. In these
circumstances, the role of information systems in particular and
technology in general becomes more and more critical. These
technologies provide the foundational building block for
organizational development, evolution, and responsiveness. This
increased emphasis on technology in organizations has also
exposed new issues and risks related to technology acquisition,
diffusion, operation, and institutionalization. This research leads
to examine how IT governance cope most concerns in its
domains by delivering hands-on knowledge. It presents a case of
an international hospital in Thailand and classifies the findings
within the areas of strategic alignment, value delivery and risk
management. Referring to them, it could be the solutions, which
lead practitioners to handle difficulties and unlikely situations
within their organizations. Therefore, this research aims to
achieve long-term for sustainability success by deploying IT
governance.

I. INTRODUCTION
In 2001, there were several world famous corporate
governance scandals, Sarbanes-Oxley Act of 2002 was
legislated by the United States Congress to strengthen the
effectiveness of corporate governance by concentrating on
the quality of internal control and financial reporting fidelity
[1]. Since then, governance topics have become a crucial
aspect for organizations in this decade. Furthermore, the
corporate governance has been perused and raised more
interest in public due to the rise of regulatory and legal
deliveries and renowned samples of organization oversight
[2]. Based on the keys to business survival in contemporary
business, IT governance is considered as an instrument,
which indicates the value of Information Technology (IT)
obviously by facilitating organizations to achieve competitive
advantage in this digital age [3]. Further explanation, IT
governance is an indispensable component of corporate
governance in every industry [4].
In organization-wide establishment, it is essential to pay
attention to the qualified people and their management by
realizing the importance of governance and understanding the
reason to adopt IT [5]. Furthermore, IT supports business in
different ways by aligning business and IT strategies,
delivering business value to support strategic assets, leading
people to use resources wisely and encouraging best practices
in implementing IT governance [6]. Therefore, people
acknowledge the use of IT and operate it proficiently. In this
way, these lead them to implement computerized information

systems (IS), which help to create data, manage business

processes and generate business reports [7]. Then, they gain
more technical and functional skills. Meanwhile, there is the
involvement of numerous decisions and activities at the edge
between IT and the business, which have to persist in the
adoption process [8, 9]. By doing so, divergent stakeholders
commit to make decisions in the meeting as part of IT
governance procedures [10]. This leads to intensify the
structure of IT governance in strategic alignment between IT
and business to carry out corporate environment.
According to the foregoing research, there are various
meanings of IT governance [9, 11, 12]. Unfortunately, it is
still not clear to understand on how IT governance assists
organization to achieve enterprise-wide successfully [3]. To
gain more understandings, it requires more explanations and
in-depth rationales of IT governance, which affects to
organizational performance and organizational strategy. In
this process, it is recognized that the stakeholders and top
managements must de-centralize their responsibilities to
subordinate groups by sharing the knowledge [13] and
technology. Then, their people will work smarter with more
scopes of responsibility to be focused and managed.
Therefore, this research leads to examine how IT governance
cope most concerns in its domain of strategic alignment,
value delivery and risk management. In short, this research
aims to achieve long-term for sustainability success by
deploying IT governance.
In terms of the structure of this research, it discusses the
literature of strategic alignment, value delivery, and risk
management. Secondly, it clarifies the research methodology
and case study prior to presenting the research findings.
Lastly, this research summarizes the conclusion.
II. LITERATURE REVIEW
A. IT Governance
Literally, Information System Development (ISD)
methodologies emerged IT awareness in assisting
organizations to integrate business strategy and strengthen it
to suit the business to gain further development [14]. On top
of that, there will be more positive outcomes for those
organizations, which use resources wisely, build them
productively and finally create new business opportunities
[15]. Moreover, IT supports to renovate existing processes or
form new structures by operating more tasks to challenge and
also using familiar equipment and materials, which are
available at that time [16]. Meanwhile, the organizations
obviously gain better business performance by adopting
robust technologies, dynamic strategies and clear business

2460

2013 Proceedings of PICMET '13: Technology Management for Emerging Technologies.

vision influences [17] and top management support [18]. In

relation to gain better understanding in IT of top
management, IT infrastructure is one of the top business
priorities for them to re-develop business vision and reapproach new business opportunities [14].
According to the organizational maturity assessment,
there are five domains to develop an integrated framework:
(1) strategy, (2) technology, (3) organization, (4) people, and
(5) environment [19]. These domains integrate with factors
directly and indirectly in minimizing resistance and
supporting to the acceptance of business relations,
particularly IT infrastructure, security, users concerns,
awareness and skills, and regulations [20]. Referring to the
definition of IT governance, it is a subclass discipline of
corporate governance that concentrates on information
technology systems (ITS), business operations, and risk
management [21]. Relating to this research in IT governance,
there are five domains of its which contains: (1) strategic
alignment, (2) value delivery, (3) risk management, (4)
resource management, and (5) performance measurement
[22]. However, this research only focuses on the findings of
strategic alignment, value delivery, and risk management.
Based on modern enterprise environments, it is highly
important to have effective IT governance along with
significant administrative performance [23, 24]. Thus, it is
imperative to execute IT governance to strengthen
organizations and empower responsible people in managing
their work performance effectively. With this in mind, IT and
business realize that IT governance is an investment
instrument, which helps organizations to align uncontrollable
business activities and complex IT [25], an uncertain business
environment [26], and conflict in internal relationships [27].
B. Strategic Alignment
In turn, the strategic importance always emerges an
innovative project, which is normally blocked by the different
organizational hurdles [28]. Thus, strategic alignment is
important to any business, which mainly aligns business and
IT collaboratively. Moreover, IT supports strategic alignment
to align business and IT strategies by considering IT as a
practical solution to provide well-built transformation to
achieve competitive investment cost and more return on
investment [29, 30]. Meanwhile, strategic IT development
supports business vision to acknowledge, contribute and
manage the future business concepts and the future
directions, which leads to be concerned as one of the critical
success factors and emerges the innovations [31].
C. Value Delivery
Consistent with the value delivery, most powerful
organizations gain higher profits and more competitive
advantages of using advanced business networks and high
technology with new business models, which is better than
their competitors that operate businesses traditionally without
technology to support their businesses [32]. At the same time,
organizations can identify their value creation structures and

re-organize their current businesses to be compatible and

suitable to their environments [32]. In this process, these are
the effects of value creation models for value-based
management, which cooperate with the innovative decision
making, the environmental aspects and the distinctiveness of
business configurations [33]. Furthermore, development
represents consumers perspectives on value creation [33].
These mean the value creation is important to support and
develop any business by responding to customers demands
for something new and different. In this way, there are more
people focus on and interested in newer functions, better
outlooks, more innovative features, more affordable prices,
fresher ideas and so on. Therefore, new products and services
can gain more attention and acquire more customers rather
than existing ones. In this way, value creation is a vital
determinant in organizational integration [34]. At the same
time, it is a helpful function for governance, which produces
value for end customers [32]. To raise more expectations of
value creation from shareholders, organizations certainly gain
more IT investments from investors in the stock market [35].
Therefore, people pay attention to their developments,
investments and potentials in IT to become the leader in the
market and achieve more profits. Certainly, value delivery
needs market exploration to survey the right products and
services in meeting the proactive delivery structure [36].
D. Risk Management
Additionally, risks can be described as problems, threats
or even concerns and need to be solved as they are unwanted
and unexpected situations that produce unqualified or
unsatisfied projects [37]. Basically, risk management is one
of the main phases in project management, which exists in
most big organizations by implementing powerful resources
(tools) to support management and prevent business risk [38].
Of course, risks need to be controlled by implementing
different factors; suitable IT risk management methodologies,
proper decision makings and sufficient resource management
[39]. So, this process comes up with different methodologies,
multiple concepts and various sources to manage low risk at
different operational levels within and across organizations.
Referring to risk management, it contains assessment and
management approaches [40] with five levels of risk
management. In terms of the assessment approach, it is
considered as an analysis method. In this approach, there are
nine stages to define risk factors; (1) identification, (2)
categorization, (3) delivery, (4) analysis, (5) responsiveness,
(6) recording, (7) investigation, (8) control and (9)
development. Based on the management approach, it is
concerned as the management tools, which collect
information and analyze it to support decision-makings. In
this way, it also encompasses nine stages; (1) description, (2)
concentration, (3) recognition, (4) consolidation, (5)
supervision, (6) mitigation, (7) assessment, (8) design and (9)
implementation [38]. At the same time, risk management has
five levels; (1) planning, (2) identification, (3) risk analysis of
qualitative and quantitative, (4) risk response planning and

2461

2013 Proceedings of PICMET '13: Technology Management for Emerging Technologies.

(5) monitoring and control [38].

In brief, it is essential to have IT governance to support
any business in encountering, managing and overcoming
chaotic business processes. Therefore, it is clearly understood
that IT is important to an organization because it works as an
essential organizational function in supporting business and
integrating diverse aspects with the right decision making
processes, thus achieving business objectives. Therefore, this
research delivers a profounder understanding of critical
success factors [41]. Furthermore, the research methodology
is available in the next section.
III. RESEARCH METHODOLOGY
This research employs a single case study [42]. It also
focuses on how IT governance addresses the issues of
strategic IT alignment, value delivery, and risk management
in a Thai healthcare provider, BBB (an alias). It adopted and
implemented numerous technologies and the fundamental
factors, which affected to the organizational objectives. In
terms of this case study research, it raises the interests by
using qualitative research method [43]. In this way, it adopts
the how questions in active contemporary situations [42-45]
that delve IT governance. Further, this research selects to use
in-depth approach to examine the organization and its IT
governance implementation in its context, and embrace
technological and complex human/social components [46].
Moreover, the method of this research pinpoints the
approaches and mysterious relationships that arisen within
the organization through delivers strong perceptions [47], and
achieves the research objectives by recognizing the factors
that tailor IT governance practices.
Moreover, this research applies an interpretive approach
with a qualitative approach for data collection from
participating organizations by conducting in-depth semistructured interviews (face-to-face meetings, email and
telephone follow-up), personal observation in workplace, and
qualitative questionnaire surveys. These processes and
approaches support opportunities to scrutinize IT governance
and its domain, which exist in BBB. This research leads to
examine how IT governance cope most concerns in its
domains by delivering hands-on knowledge. It presents a case
of an international hospital in Thailand and classifies the
findings within the areas of strategic alignment, value
delivery and risk management. Referring to them, it could be
the solutions, which lead practitioners to handle difficulties
and unlikely situations within their organizations. Therefore,
this research aims to achieve long-term for sustainability
success by deploying IT governance. Withal, this research
takes its key problem-question, How does implementation of
an IT governance framework contribute to the value profile
of the IT infrastructure in achieving business objectives and
meeting its needs?
Research in BBB hospital in Thailand, it was conducted
over a period of two months with 8 interviewees in face-toface sessions. The informants were senior IT strategy and

policy specialist, senior software quality assurance specialist,

head of IT strategy and policy, head of software quality
assurance, senior IT architect specialist, senior regulatory and
policy compliance specialist, senior information systems
auditor, and senior IT resource and portfolio management
specialist. All interviews were digitally voice-recorded and
transcribed from Thai to English languages, with additional
information from website of BBB hospital. Each interview
session took approximately one hour. Moreover, the consent
letters were given to all interviewees to ensure that they allow
recording the conversation. Otherwise, they can stop during
interview sessions at any time as long as they are
uncomfortable. Additionally, voice recording is essential to
all interviews because it contains and saves the recorded
information at hand, which can ensure the correction of their
statements when it comes to the transcription process. All
informants were provided an assurance of secrecy and
privacy. During the interviews, questions asked were
explored in open-ended and closed-ended questions in
qualitative and quantitative questionnaire surveys. In doing
so, the assigned interviewees were selected in appropriate
roles in senior management level at BBB hospital. In this
process, the interviewees were investigated by taking their
awareness, understandings, attitudes and experience in IT
governance implementation.
According to the data analysis, data were collected from
all interviews in a repetitive process, which contained the
observed data, the theoretical views, and the relevant
literature [44]. Furthermore, this research provides the
statements of informants in the quotation, which is
considered as the significant information to be highlighted
[48]. In this way, it is potential to create a mind-mapping
strategy to establish the experiential data [49]. Then, the data
analysis process was created to deliver more understandings,
which explained the overall findings of the case studies
generally [44].
IV. CASE STUDY
A. Background of the BBB hospital
BBB was established as a business within the Thai and
global healthcare industry in 1980 and it has over 3,000
employees, including approximately 1,200 doctors, dentists,
healthcare experts, and physicians and over 900 nurses. The
international management team of BBB operates in the
American management style overseen by a team of
experienced hospital administrators from United States of
America (US), Australia, Singapore, Thailand and United
Kingdom (UK). The medical chairman is board certified in
the UK. The group medical director is board certified in the
US. Most top medical experts were educated and trained in
the US or UK, and/or held positions at one of Thailands
leading teaching hospitals. The majority of medical officers
gain international experience and obtain board certification
from the UK, Australia, Germany, Japan, or the US.

2462

2013 Proceedings of PICMET '13: Technology Management for Emerging Technologies.

BBB is an international healthcare provider based in

Bangkok, Thailand and it operates the largest private hospital
in South East Asia. It has a registered capital of Baht 920
million (USD 30 million). The total revenue in the fourth
quarter of 2011 was approximately 2.5 billion Baht (USD 80
million) with a 14% of return on assets (ROA). BBB is one of
the major private hospitals in Thailand and has been listed in
SET (The Stock Exchange of Thailand) since 1989. Besides,
the total number of patients in 2010 was over one million
comprising over 400,000 international patients from more
than 190 countries and including local patients who were
outpatients and inpatients. Especially, the United Arab
Emirates, the United States, and Myanmar are the top three
countries, where overseas patients came from, in terms of
expenditure, at BBB.
Furthermore, Microsoft has appointed BBB as one of its
research and development partners for improving
computerized Hospital Information Systems developed by
Microsoft and tested in the live environment of BBB. it has
also invested in the Asian Hospital and Medical Center in the
Philippines in 2010, along with, co-operating on a
management contract with the Health Authority of Abu
Dhabi to manage Al-Mafraq Hospital in the United Arab
Emirates. Furthermore, the hospital attracts investment from
the United Arab Emirates government through a Dubai
company, Istithmar, Temasek of Singapore, Asia Financial
Holdings in Hong Kong, and Bangkok Bank Public Company
Limited, who are all worldwide strategic partners of BBB.
B. IT Governance at BBB hospital
Taking a closer look at the working groups in IT
governance, there are particular groups of IT people some of
whom are involved fully while others are involved partially
in IT governance. However, they mainly focus on providing
IT services to the whole organization with different business

activities. By doing so, they work with all IT areas through

the overall processes within the organization at every step.
The Project Manager and IT Infrastructure Manager stated:
We have three teams, which focus on IT support; (1) the
IT support team, (2) the network infrastructure team, and
(3) the Hospital Information Systems (Amalga) team.
Amalga is the most specialized team because this team
has to mainly service doctors and related professional
people. Due to our business environments, we have to
customize ITIL to suit business needs and culture. It is
extremely difficult to customize our business directions to
suit the frameworks.
The IT organizational structure of BBB demonstrates an
integrated operation focusing on the directions of the Chief
Executive Officer (CEO) and the Chief Technology Officer
(CTO), whose tasks are presented below in figure 1. At BBB,
the CTO operates three teams in Information Systems
department. These are: (1) the IT support team, (2) the
Network Infrastructure team, and (3) the Hospital
Information Systems team (HIS). According to the operation
procedures of these teams, internal staff contact them by
calling and reporting IT problems and to have them placed in
the priority queues for IT assistance. However, they have to
choose the particular option of preferred support to get direct
help. In terms of the IT support team, this team mainly
focuses on providing general IT services in basic computer
troubleshooting. For the network infrastructure team, it
provides support in servers, databases, computer networks,
and outsourcing companies which look after all IT
infrastructure (hardware and software); for instance,
computers, printers, servers, network, software, and related
areas. In relation to HIS, this team has Amalga experts who
mainly discuss with Microsoft and also serve doctors and the
related specialists who use Amalga.

Fig. 1: IT Organizational Structure of BBB

2463

2013 Proceedings of PICMET '13: Technology Management for Emerging Technologies.

IT governance determinnes
the ruless and regulation s an
IT dep
partment followss.
IT goverrnance allocates the
decision rights and formss the
accounttability structure
e to
enco
ourage desirable
e
behavior in the use of IT.

0.00%
9.86
6%

ns,
IT governnance runs, plan
shapess and controls IT
69..93%
capabilit ies in accordancce
with broaad organizationaal
sstrategy.

0.00%
20.21%

IT governance influences the

strructure for decission making
and
a the accountaability, by
overseeing
o
the return
r
on
investmen
nts.

IT governance uuses IT assets

to direct and control risk
management and
producttivity.

Fig. 2: Understtandings of IT Govvernance

There are diifferent undersstandings and description off IT

goovernance apparent in BBB, as the opinion
ns of respondeents
shhown in figure 2. Interestinglly, most peoplee consider thatt IT
goovernance is a tool which
h allows the organization to
im
mprove IT opeerations by fo
ollowing the business
b
strategy.
Suurprisingly, itt seems that the correspondents do not
n
unnderstand the true meaning
g of IT goverrnance, which
h is
baased on the ov
verall results by
b comparing them to the top
reesponse. Moreo
over, there aree two choices,, which were not
n
seelected. It could suggest that a poor relation
nship between the
buusiness sector and
a IT sector has
h emerged. On
O the other haand,
it could be poo
or communicaation between them. Howev
ver,
sttaff understand
ding of IT im
mplementation is insular, wh
hich
dooes not look ap
ppropriate in a large organization. Looking
g at
thhe overall view
w, it seems that
t
the top management
m
and
a
exxecutives at BBB
B
have not paid sufficien
nt attention to IT
IT
goovernance, theere is a lack knowledge
k
in understanding
u
goovernance, alo
ong with, less attention to
o IT governan
nce
innitiation and implementatio
on. That cou
uld be why the
m
majority of peeople saw and
d viewed and
d considered IT
goovernance in dissimilar
d
wayss. Then, it wou
uld be better if the
seenior managem
ment were able to gain more understanding by
haaving particullar sessions, training,
t
or even
e
conferences
abbout the theorry and applicaation of IT go
overnance. Th
hen,
seenior personnel will definitelly acknowledg
ge and realize the
addvantage of IT
T governance. Further, they
y will draw more
atttention and raaise this issue to subordinatee staff to educcate
thhem further. In
n turn, BBB will
w gain smarter people, higher
finnancial wealth
h, a better orgaanizational imaage, and a higher
poosition in the in
ndustry.

unication in thhe same undeerstanding andd direction.

commun
Then, thhe results will come out in thhe same way aas discussed
and inttended. The Human Resoources Divisioon Director
mentionned:
C
Clear strategicc planning iss the first prriority. For
insttance, we are ggoing to have an e-HR systeem. In doing
so, it makes HR
R employees w
work more eff
fficiency by
alloowing end users to access services for themselves.
Theen, I think thaat we have to understand thhe business
objjectives clearlyy and the reasoons to adopt IT
T effectively.
Ressponsibility, authority, and particippation of
resp
sponsible peoplle are very impportant.

C
C. Strategic Alig
gnment at BBB
B hospital
According to
o the view of th
he planning/ management
m
lev
vel,
it is compulsory
y to understan
nd business ob
bjectives priorr to
im
mplementing IT
T. Therefore, th
he right peoplee of both busin
ness
annd IT deparrtments mustt have clearr and effecttive

Accoording to figgure 3, IT alignment annd business

process es have shownn different resuults in both norrmative and
most m
mature accordinng to all responndents. Significantly, they
are onee of the inflluential factorrs of every oorganization
becausee they drive andd enhance orgaanizational prooductivity to

800.00%
700.00%
600.00%
500.00%
400.00%
3 0.00%
2 0.00%
110.00%
0.00%

70..23%

29.77
7%
0.00%

Leaast
Matture

Normative

Most
Mature

Fig. 3: Alignnment of IT with B

Business Processess

2464

2013 Proceedings of PICMET '13: Technology Management for Emerging Technologies.

m
meet business ob
bjectives. As a result, it lookss because nobo
ody
seelected least mature
m
which suggests
s
emplo
oyees agree with
w
thhe measures ad
dopted within the organizatio
on. Moreover, IT
allignment and business
b
processses seem to bee going well with
w
a positive poteential as peo
ople, who sellected normattive
(770.23%), could
d develop them
mselves furtheer in assisting to
shhape the work
k processes th
hrough the usee of IT to bu
uild
reelationships wiithin the organ
nization. Mean
nwhile, there are
soome people who chose mosst mature (29.7
77%) who fou
und
thhat alignment of IT with th
he business prrocess at BBB
B is
efffective. Yet, top management could embolden and
a
enncourage their employees to utilize innovaative technolog
gies
byy assisting perrsonnel to study further and get
g more training
too understand th
he operation processes,
p
in order
o
to use th
hem
w
wisely, correctlly, and appro
opriately. On the other haand,
exxecutives shou
uld pay more attention to IT
T investments by
enncouraging exeecutives involv
ved in IT manaagement to atteend
traaining sessions, seminars, an
nd conferencess. Then they will
w
deefinitely gain more knowleedge about IT
T alignment and
a
buusiness processses and deveelop stronger perceptions and
a
poositive views. Consequently,, they will kno
ow how and why
w
too invest; and know
k
more about IT. In thiss way, BBB will
w
ceertainly gain in
nternal IT expeerts who know
w how to align IT
annd business efffectively with
h more effectiively along with
w
hiigher employeee productivity
y in the work
kplace leading to
exxceptional orgaanizational pro
ofitability.
D
D. Value Deliveery at BBB hosp
pital
Once the IT
T governance adoption in BBB is settlled,
peeople gain morre understandin
ng of their bussiness operatio
ons.
Thhey become proficient
p
in th
heir work and familiar with the
ennterprise architectures, IT sy
ystems and seervices, operating
frramework, and
d business processes,
p
which means th
hey
suupport aligning
g business and
d IT. The Inforrmatics Pharmaacy
M
Manager commeented:
I think thee business-IT processes are better
b
than befo
ore.
I always concern myself with
w logical wo
orkflows from first
fi
to last step
ps and arrang
ge the processes in an ordeerly
manner. New
N
processes require a lo
ower number of
workers. On
n the other hand, users can work faster, gain
g
more comfo
fort and deliver more producctivity with mo
ore
accuracy. Therefore,
T
it iss less time-con
nsuming, provid
des
more moneey savings, is higher speed,, and involvess a
lower numb
ber of workers.. These are thee main impactss of
IT governan
nce adoption.

In figure 4, there is a big

g difference beetween normattive
(996.56%) and most
m
mature (3
3.44%). It seem
ms that peoplee at
BBB believed that the valu
ue of IT serrvice delivery is
reelatively ordinaary. It is vitall that BBB sh
hould develop IT
seervice delivery in order to gain higher valuee. However, no
one
off the responden
nts selected L
Least Mature.. This shows that
t
thhey still have some
s
concern whether IT seervice delivery
y at
BBB is effective enough. Theerefore, top maanagement shou
uld
paay more attenttion to IT service delivery by
y providing more

IT inveestments or cuustomizing thee present systeem to meet

their reqquirements as m
much as possibble.
1000.00%

96.56%

8 0.00%
660.00%
440.00%
220.00%

0.00%

4%
3.44

0.00%
Leeast
Normattive
Maature

Most
Mature

Fig. 4: Value of IT Serviice Delivery

E. Risk Management aat BBB hospitaal

For this organizattion, there is thhe regulatory compliance
that maandates/ requires that each ddepartment to m
monitor and
assess aall types of rissk within theirr departments iindividually
and solvve problems foor themselves. Then, they haave to report
all inciidents and trooubleshooting steps up the line to top
executivves and the bboard of directtors. All inforrmation and
advice in the reports help the organnization to im
mprove itself
graduallly. BBB does this in order too prevent and// or mitigate
risk froom unexpectedd situations, w
which could leead to loss,
injury, oor harm sufferred as a result in the future. Informatics
Pharmaacy Manager coommented:
Inn the pharrmacy unit, there are numerous
phaarmaceutical llaboratories, eequipment andd machines.
So, we always coonduct risk asssessment in vaarious areas
andd for variouss potential prroblems includding IT by
depploying differennt technologiess and aligningg them to the
inteernal process.. We always check risk annd seek the
prooper solutions to solve thesse problems, which may
occcur from thesse technologiies. Thereforee, we keep
moonitoring for thhe unexpectedd incidents andd problems,
wh ich may emergge in the futuree.
Figuure 5 discussses the use oof IT for Bussiness Risk
Manag ement, whichh indicates ddifferent view
ws i.e. Not
importaant, Slightly im
mportant, and F
Fairly importannt were all
unratedd (0.00%) whille Quite impoortant (48.26%
%) and Very
importaant (51.74%) elicited positive responses from staff
membeers. Accordingg to the respoonses from in terviewees,
there w
were only tw
wo outstandin g answers, w
which were
developped positively. This means B
BBB has high potential in
the use of IT to achievve business rissk managementt. It is clear
that BB
BB does not cooncern itself onnly about risk control but
also keeeps a close w
watch over buusiness risk, w
which could
indicatee that staff andd senior managgement pay higgh attention
to healtth and safety of patients thrrough their peerception of

2465

2013 Proceedings of PICMET '13: Technology Management for Emerging Technologies.

Very Important

51.74%

Quite Important
Fairly Important

0.00%

Slightlyy Important

0.00%

Nott Important

0.00%

0.00
0%

48.26%

20.00%

40.00%
60.00%

Fig.
F 5: Use of IT for
f Business Risk M
Management

buusiness risk. In
n this way, IT runs
r
as the maain player to drrive
thhe business furtther dynamicallly by operatin
ng and controlling
alll risks in variious areas of business. At the
t same time, it
unnderstands thatt there was imp
provement in patient
p
sentimeent;
beecause BBB does
d
not stop
p developing IT in ways that
t
suupport the business to meet th
heir satisfaction
n.

REFERENCES
[1]
[2]

V. CONC
CLUSION

[3]

This research
h summarizes the integration
n of business and
a
IT
T by implemen
nting IT govern
nance to facilittate and integrrate
IT
T and businesss effectively. It significantly
y focuses on the
buusiness objecctives and an
nalyzes beforrehand prior to
deeploying techn
nologies. Theese processes and approach
hes
suupport opportu
unities to invesstigate IT gov
vernance in BB
BB,
w
which emerge th
he research ob
bjectives. This research leadss to
exxamine how IT governance cope most concerns in its
doomains by delivering
d
han
nds-on knowlledge, which is
coonsidered as th
he critical succeess factors. It presents
p
a casee of
ann internationaal hospital in Thailand an
nd classifies the
finndings within
n the areas of
o strategic alignment,
a
vaalue
deelivery and risk
k managementt. Referring to them, it could
d be
thhe solutions, which
w
lead practitioners to handle
h
difficultties
annd unlikely situ
uations within their organizattions. In this way,
w
it leads to recognize how to align businesss and IT, deliv
ver
vaalue and manaage risk effecttively. This co
ould lead to bee a
goood sample case study that other
o
organizattions may realiize,
addapt, and folllow to suit their businesss environmen
nts.
Thherefore, this research aim
ms to achieve long-term for
suustainability su
uccess by deplo
oying IT govern
nance.
In accordancce with the daata of this reseearch, it emerg
ges
thhat IT govern
nance implem
mentation is an
a approach for
deeveloping straategic informaation system. Consequently,, it
ennhances strateegic implemen
ntation in heaalthcare industtry,
w
which elevates higher
h
businesss value perforrmance. Based on
thhe nature of thiis research, it is
i in immaturitty stage, which
h is
coomplicated to strengthen a holistic view in a single case
stu
tudy. For that reason,
r
it inten
nsely aims for more producttive
reesearch in this area.
a

[4]
[5]
[6]
[7]
[8]
[9]
[10]
[11]
[12]
[13]
[14]
[15]
[16]
[17]
[18]

2466

Ham
mdan, B.J.; "Exam
mining the Anteceddents of Sarbanes--Oxley Section
404 IT Control Weeaknesses: An E
Empirical Study," International
nference on Inform
mation Systems, 20011.
Conf
Thee Organisation ffor Economic C
Co-operation and Development
(OE
ECD); OECD P
Principles of Coorporate Governnance. OECD
Pubblications Service, 2004.
Lianng, T.P., Y.C. Chhiu, S.P.J. Wu andd D. Straub, "Thee Impact of IT
Govvernance on Organnizational Perform
mance," Americas Conference on
Infoormation Systems, 2011.
Willlson, P. and C. P
Pollard, "Explorinng IT governance in theory and
pracctice in a large muultinational organizzation in Australiaa," Information
Systtems Managementt, vol. 26, pp. 98-109, 2009.
PriccewaterhouseCooppers, "IT Governaance in Practice - Insight from
leadding CIOs," 2006.
Infoormation Technollogy Governance Institute (ITGI), An executive
view
w of IT governancee, 2009.
Turnner, L.D. and A.B
B. Weickgenannt; Accounting inform
mation systems
conttrols and processees. Hoboken, NJ: W
Wiley, 2009.
Winnkler, T.J., C. Goeebel, A. Benlian, F
F. Bidault and O. Gnther; "The
Imppact of Software as a Service on IS Authority A Contingency
Persspective," Internattional Conference on Information Syystems, 2011.
Sam
mbamurthy, V. annd R.W. Zmud, "Arrangements foor Information
Techhnology Governaance: A Theory of Multiple Continngencies," MIS
Quaarterly, vol. 23, isssue 2, pp. 261-2900, 1999.
Peteerson, R.; "Crrafting informatiion technology governance,"
Infoormation Systems M
Management, vol. 21, issue 4, pp. 7--22, 2004.
Brow
wn, C.V.; "Exaamining the emeergence of hybriid governance
soluutions: Evidence from a single ccase site," Inform
mation Systems
Reseearch, vol. 8, issuee 1, pp. 69-94, 19997.
Weiill, P.; "Dont justt lead, govern: Hoow top-performingg firms govern
IT,"" MIS Quarterly Exxecutive, vol. 3, isssue 1, pp. 1-17, 20004.
Bro cklesby, J.; "Ethiics beyond the moodel: How social dynamics can
inter
erfere with ethicaal practice in opperational researcch/management
scieence," Omega, vol.. 37, issue 6, pp. 1073-1082, 2009.
Fernneley, E. and F. Bell, "Using briccolage to integratee business and
infoormation technolo gy innovation in SMEs," Technovation, vol. 26,
issuue 2, pp. 232-241, 22006.
Bakker, T. and R.E. Neelson, "Creating soomething from notthing: resource
consstruction through entrepreneurial brricolage," Administrative Science
Quaarterly, vol. 50, ppp. 329-366, 2005.
Levvi-Strauss, C.; Thee savage mind. Oxxford: Oxford Unniversity Press,
196 6.
ftman, J.N., R. P
Papp, and T. Brieer, "Enablers andd inhibitors of
Luft
busiiness-IT alignmeent," Communicaations of the Asssociation for
Infoormation Systems, vol. 1, issue 11, ppp. 1-32, 1999.
Verra, D. and M. Croossan; "Improvisattion and innovativve performance
in teeams," Organizatiion science, vol. 166, issue 3, pp. 203--224, 2005.

2013 Proceedings of PICMET '13: Technology Management for Emerging Technologies.

[19] Al-Osaimi, K., A. Alheraish, and S. Bakry; "An integrated STOPE
framework for e-readiness assessments," National Computer
Conference, IT and Sustainable Development, 2006.
[20] Al-Gahtani, S.S.; "Modeling the electronic transactions acceptance
using an extended technology acceptance model," Applied Computing
and Informatics, vol. 9, issue 1, pp. 47-77, 2011.
[21] Kooper, M.N., R. Maes, and E.E.O.R. Lindgreen; "On the governance
of information: Introducing a new concept of governance to support the
management of information," International Journal of Information
Management, vol. 31, issue 3, pp. 195-200, 2011.
[22] IT Governance Institute, IT Alignment: Who is in charge?, 2005.
[23] Berghel, H.; "The two sides of ROI: Return on investment vs. risk of
incarceration," Communications of the ACM, vol. 48, issue 4, pp. 1520, 2005.
[24] Pennington, R. and B. Tuttle; "The Effects of Information Overload on
Software Project Risk Assessment*," Decision Sciences, vol. 38, issue
3, pp. 489-526, 2007.
[25] Chan, Y.E.; "Why havent we mastered alignment? The importance of
the informal organization structure," MIS QuarterlyExecutive, vol. 1,
issue 2, pp. 97-112, 2002.
[26] Ciborra, C.; "De Profundis? Deconstructing the concept of strategic
alignment," Scandinavian Journal of Information Systems, vol. 9, issue
1, pp. 67-82, 1997.
[27] Maes, R.; "Information management: An integrative perspective,"
Information management:Setting the scene, pp. 11-29, 2007.
[28] Ciborra, C.; The labyrinths of information: challenging the wisdom of
systems. Oxford: Oxford University Press, 2002.
[29] Levy, M., P. Powell, and P. Yetton; "SMEs: aligning IS and the
strategic context," Journal of Information Technology, vol. 16, issue
2001, pp. 133-144, 2001.
[30] Venkatraman, N.; "IT-enabled business transformation: from
automation to business scope redefinition," Sloan Management Review,
vol. 35, issue 2, pp. 73-87, 1994.
[31] Ward, J. and P. Griffiths; Strategic planning for information systems.
Chichester: Wiley, 1996.
[32] Mller, K.and A. Rajala; "Rise of strategic nets - New modes of value
creation," Industrial Marketing Management, vol. 36, issue 7, pp. 895 908, 2007.
[33] Doern, R.and C. Fern; "E-commerce developments and strategies for
value creation: The case of Russia," Journal of World Business, vol. 41,
issue 4, pp. 315 - 327, 2006.

[34] Betha, A.; "Enterprise Integration for Value Creation in an

Organization," Complex Systems Concurrent Engineering, pp. 649-656,
2007.
[35] Lin, B.; "Information technology capability and value creation:
Evidence from the US banking industry," Technology in Society, vol.
29, issue 1, pp. 93 - 106, 2007.
[36] Lippert, S.; "Silver Pricing: Satisfying Needs Is Not Enough Balancing Value Delivery and Value Extraction Is Key in The Silver
Market Phenomenon Marketing and Innovation in the Aging Society,"
Springer-Verlag Berlin Heidelberg, pp. 161-173, 2011.
[37] Teneyuca, D.; "Organizational Leaders Use Of Risk Management for
Information Technology," Information Security Technical Report, vol.
6, issue 3, pp. 54 - 59, 2001.
[38] Wyk, R., P. Bowen and A. Akintoye; "Project risk management
practice: The case of a South African utility company," International
Journal of Project Management, vol. 26, issue. 2, pp. 149 - 163, 2008.
[39] Vellani, N.; "Information technology risk management," Strategic
Security Management, pp. 133 - 157, 2007.
[40] Bakker, K., A. Boonstra and H. Wortmann; "Does risk management
contribute to IT project success? A meta-analysis of empirical
evidence," International Journal of Project Management, 2009.
[41] Mintzberg, H.; The rise and fall of strategic planning. New York: Free
Press, 1994.
[42] Yin, R.K.; Case study research: design and methods. Thousand Oaks,
CA: Sage Publications, 2003.
[43] Benbasat, I., D.K. Goldstein, and M. Mead; "The case research strategy
in studies of information systems," MIS Quarterly, vol. 11, pp. 369386, 1987.
[44] Eisenhardt, K.M.; "Building theories from case stdy research,"
Academy Management Review, vol. 14, issue 4, pp. 532-550, 1989.
[45] Walsham, G.; "Interpretive case studies in IS research: Nature and
Method," European Journal of Information Systems, vol. 4, issue 2, pp.
74-81, 1995.
[46] Tyrell, S.; Using information and communication technology in
healthcare. Oxford: Radcliffe Medical Press, 2002.
[47] Bhattacharjya, J. and V. Chang; "Adoption and implementation of IT
governance: cases from Australian Higher Education," Australian
Conference on Information Systems, 2006.
[48] Pratt, M.G.; "From the editors: For the lack of a boilderplate: Tips on
writing up (and reviewing) Qualitative research," Academy of
Management Journal, vol. 52, issue 3, pp. 856-862, 2009.
[49] Layngley, A.; "Strategies for theorizing from process data," Academy
Management Review, vol. 24, issue 4, pp. 691-710, 1999.

2467