Authors: Emir H. Pernet, Jeimy J. Cano

Abstract:

Maturity models, used descriptively to explain changes in reality or normatively to guide managers to make interventions to make organizations more effective and efficient, are based on the principles of statistical quality control and PDCA continuous improvement (Plan, Do, Check, Act). Some frameworks developed over the concept of maturity models include COBIT, CMM, and ITIL. This paper presents some limitations of traditional maturity models, most of them related to the mechanistic and reductionist principles over which those models are built. As systems theory helps the understanding of the dynamics of organizations and organizational change, the development of a systemic maturity model can help to overcome some of those limitations. This document proposes a systemic maturity model, based on a systemic conceptualization of organizations, focused on the study of the functioning of the parties, the relationships among them, and their behavior as a whole. The concept of maturity from the system theory perspective is conceptually defined as an emergent property of the organization, which arises as a result of the degree of alignment and integration of their processes. This concept is operationalized through a systemic function that measures the maturity of organizations, and finally validated by the measuring of maturity in some organizations. For its operationalization and validation, the model was applied to measure the maturity of organizational Governance, Risk and Compliance (GRC) processes.

Keywords: GRC, Maturity Model, Systems Theory, Viable System Model.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1337593

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2649

References:

[1] Kohlegger, M., Maier, R., & Thalmann, S. (2009). Understanding Maturity Models Results of a Structured Content Analysis. Proceedings of I-KNOW´09 and I-SEMANTICS´09, (pp. 51-61). Graz, Austria.
[2] De Haes, S., & Van Grembergen, W. (2004). IT Governance and its mechanisms. Information Systems Control Journal.
[3] IBM Corporation. (2007, October). The IBM Data Governance Council Maturity Model: Building a roadmap for effective data governance. 6,7.
[4] SE-CMM®. (2003). Systems Security Engineering Capability Maturity Model®. Model Description Document Version 3.0.
[5] Deming, E. (1997). Calidad, Productividad y Competitividad. Barcelona: Dasantos.
[6] Bach, J. (1994, September). Satisfice INC. (American Programmer) Retrieved August 4, 2008, from http://www.satisfice.com/articles/ cmm.shtml.
[7] Padma, P., Ganesh, L. S., & Rajendran, C. (2008). An Exploratory Study of the Impact of the Capability Maturity Model on the Organization. (A. Global, Ed.) The Quality Management Journal, 2(15), 20.
[8] IT Governance Institute. (2012). Cobit 5.0.
[9] Lankhorst, M. (2005). Enterprise architecture at work: Modelling, communication, and analysis. Berlin: Springer.
[10] Pink Elephant. (2004). ITIL Process Maturity.
[11] Rogers, G. P. (2009). The role of maturity models in IT Governance: A Comparison of the major models and their potential benefits to the enterprise. In A. Cater-Steel, Information Technology Governance and Service Management: Frameworks and Adaptations. Information Science Reference.
[12] Shea, C. M., & Howell, J. M. (1998). Organizational Antecedents to the Successful Implementation of Total Quality Management: A social Cognitive Perspective. Journal of Quality Management, 3(1), 3.
[13] Thibodeau, P. (2007, November 19). Heft of New Tech-Buying Guidelines May Prove Intimidating. (A. Global, Ed.) Computerworld, 47(41), 12.
[14] Kruger. (2001). Main schools of TQM: The big five. The TQM Magazine, 13(3), 146-155.
[15] Cutting, T. (2006, February 6). Surviving Process without Going Berserk. (A. Global, Ed.) Computerworld, 6(40), 34.
[16] Linberg, K. R. (1988). Modern approaches for understanding and managing organizations. (A. R. Library, Ed.) Futurics, 3(4), 22.
[17] Flading, J. L. (2007, July). Certifications and the Contracting Community. (A. Global, Ed.) Contract Management, 7(47), 18.
[18] IT NOW. (2005, September). Capability model mature - or is it?
[19] Adler, P. S. (2005, May). The Evolving Object of Software Development. (A. Global, Ed.) Organization, 401
[20] Jackson, M. (1994, Julio-Diciembre). Más allá de las modas administrativas: El pensamiento sistémico para los administradores. Innovar, 6-21.
[21] Ackoff, R. L. (1992). Beyond Total Quality Management. (U. o. Hull, Ed.) High Profile Lecture.
[22] Kantor, J. R. (1945). Psychology and Logic. Bloomington: Principia Press.
[23] Flood, R. L., & Carson, E. R. (1993). Dealing with complexity: an introduction to the theory and application of systems science (Second Edition ed.). New York: Plenum Press.
[24] Hall, A. D., & Fagen, R. E. (1956). Definition of a System. In Y. o. Theory, General Systems (pp. 1-10).
[25] Hatch, M. J. (1997). Organization Theory. Modern, Symbolic and Postmodern Perspectives. Oxford University Press.
[26] Ansari, S. (2004). System Theory and Management Control.
[27] Checkland, P. (2005). Pensamiento de Sistemas. Práctica de Sistemas. Limusa. Noriega Editores.
[28] Argyris, S. D. (1995). Organizational Learning II: Theoy, Method, and Practice. Reading MA: Addison Wesley.
[29] Gregory, A. J. (2007). A systems approach to strategic management. Proceedings of the 51st Annual Meeting of the ISSS-2007, Tokyo, Japan (Vol. 51, No. 2). Tokyo, Japan.
[30] Espejo, R., & Harnden, R. (1989). The Viable Systems Model - Interpretations and Applications of Stafford Beer´s VSM. Chichester: 1989.
[31] Van Gigh, J. P. (2006). Teoría General de Sistemas (Tercera Edición ed.). México: Trillas.
[32] Kark, K., Othersen, M., & McClean, C. (2007, December 4). Defining IT GRC. Forrester.
[33] COSO. (September 2004). Enterprise Risk Management - Integrated Framework. Vancouver: PricewaterhouseCoopers LLP.
[34] Baer, M. H. (September 2009). Governing Corporate Compliance. Retrieved from http://ssrn.com/abstract=1474291.
[35] Rodrigues, A. M., Stank, T. P., & Lynch, D. F. (2004). Linking Strategy, Structure, Process and Performance in Integrated Logistics. Journal of Business Logistics, 25(2), 65-94.
[36] Stank, T. P., Keller, S. B., & Closs, D. J. (2001). Performance Benefits of Supply Chain Logistical Integration. Transportation Journal, 41(2/3), 32-46.
[37] Chen, H., Daugherty, P. J., & Roath, A. S. (2009). Defining and Operationalizing Supply Chain Process Integration. Journal of Business Logistics; 30, 1, 63.
[38] Lambert, D. M., García-Dastugue, S. J., & Croxton, K. L. (2005). An Evaluation of Process-oriented Supply Chain Management Frameworks. Journal of Business Logistics, 26(1), 25-51.
[39] Frohlich, M. T., & Westbrook, R. (2001). Arcs of Integration: an International Study of Supply Chain Strategies. Journal of Operations Management, 19(2), 185-200.
[40] Fenzl, N. (2003). Emergence and Self-Organization of Complex Systems. The Role of Energy Flows and Information. Arshinov/Fuchs, 245-258.
[41] Fuenmayor, R. (2001). Interpretando Organizaciones. Una teoría sistémico-interpretativa de las organizaciones. (U. d. Andes, Ed.)
[42] Miller, G. (1997). Introduction: context and method in qualitative research. In g. Miller, & R. Dingwall, Context and method in qualitative research (pp. 1-11). London: Sage.
[43] Beer, S. (1985). Diagnosing the System for Organizations. Chichester: John Wiley & Sons.
[44] Hoverstadt, P. (2008). The Fractal Organization. The Atrium, Southern Gate, Chichester, West Sussex, PO22 OLH, UK: John Wiley & Sons.
[45] Bonilla, G. (1988). Métodos Prácticos de Inferencia Estadística. El Salvador: UCA Editores.
[46] Briones, G. (2011). Métodos y técnicas de investigación para las ciencias sociales. Mexico: Trillas.