이사회의 전략적 IT 의사결정 참여가 조직의 성과에 미치는 영향: IT 거버넌스의 관점에서 (The Effects of the Board’s Participation in Strategic IT Decision Making on Business Performance: IT Governance Perspective)

과거에는 IT 의사결정이 모두 CIO 주도로 이뤄졌지만, 조직의 성과에 심각한 피해를 줄 수 있는 IT 위험의 증가와 비즈니스 전략과 IT 전략의 연계 필요성 증가에 따른 IT 의사결정의 권한과 책임에 대한 관심이 증가하는 상황에서는 CIO 중심의 IT 거버넌스는 적합하지 않다고 볼 수 있다. 최근 연구에서 IT 거버넌스는 이사회와 경영진의 책임이라고 밝히고는 있지만 실제로 이사회의 IT 거버넌스 참여가 조직의 성과에 어떤 영향을 주는지에 관한 실증 연구는 부족한 상태이다.
이사회의 IT 의사결정 참여의 정당성을 지지해 주는 이론을 대리인 이론과 전략적 선택이론의 관점에서 찾아볼 수 있다.
즉, 대리인 이론은 경영진의 무능력, 태만, 부정행위로 촉발된 잘못된 의사결정으로 인한 주주의 손실을 방지하기 위한위험관리의 관점에서 찾아볼 수 있고, 전략적 선택이론은 이사회가 전략적인 의사결정에 참여함으로써 주주의 이익을 강화시키려는 비즈니스- IT 연계의 관점에서 살펴볼 수 있다. 이처럼 이사회의 전략적인 IT 의사결정의 참여는 비즈니스- IT 연계와 정보시스템 위험 준비도에 직접적인 영향을 미치고 결국 정보시스템의 효과와 경영성과에 영향을 주게 된다.
본 연구에서의 조직의 성과는 정보시스템 효과성과 경영성과로 파악된다. 여기서 정보시스템 효과성과 경영성과는 모두CIO와 비즈니스 중역들이 인식하는 비계량적인 측정 방법을 사용했다. 주관적인 측정 방법은 전략과 관련된 성과를 측정할 때 흔히 이용되는 방법이다.
본 연구를 위해 기업의 CIO 1인과 비즈니스 중역 2인을 대상으로 설문조사를 진행했다. 총 1,470부의 설문지가 배포가2006년 10월 23일부터 11월 31일까지 진행이 되었다. 배포한 설문지 중에 회수된 설문지는 12월 1일까지 총 285부로파악되었고, 이 중에서 유효한 설문지는 271부로 나타났다. CIO 105명(38.7%)과 비즈니스 중역 166명(61.3%)이 응답을 했다. 이것을 기업별로 분석한 결과 총 110개 기업에서 최소 1부 이상을 보낸 준 것으로 파악되었다. CIO와 비즈니스 중역들의 응답차이를 확인하고자 독립표본 T-검정을 시행했으나 유의미한 차이를 발견하지 못했다.
분석방법은 PLS를 사용했고 분석 도구는 PLS-Graph 3.0을 이용했다.
종합해 보면 이사회의 전략적 IT 의사결정 참여는 IT 거버넌스 요인인 비즈니스-IT 연계와 정보시스템 위험 준비도에 영향을 주고, 이들은 다시 정보시스템 효과성에 긍정적인 영향을 줘서 경영성과에 영향을 미치는 것으로 나타났다.
본 연구의 예상되는 공헌점은 기존의 정보시스템 영역에서의 IT 관리를 IT 거버넌스 측면으로 확장시켰을 뿐만 아니라 이사회의 IT 의사결정 참여가 기업 성과를 높이는데 도움을 주는 것을 확인함으로써 앞으로 기업 전략의 방향을 제시할 수 있다.

In the early stage of IT governance, only computer-related policy and process were associated with IT governance. However, today’s IT is becoming far more complex, IT investment is increasing, and core business tasks are being operated based on IT. All of these lead to the intimate relation between IT and business. Although IT governance has various definitions among scholars and practitioners, they all strive to build a framework for decision making and responsibility to encourage the desirable use of IT. There are two major sources of motivation in IT governance. One is the concerns on corporate governance for improving the transparency of firms and the other one is the concerns on lack of ability to deal with the risk of firms.
IT not only plays a key role in present business systems but also in preventing and protecting the firms’ asset from iniquity, loss, and abuse. Unfortunately, as the IT applications propagate, firm’s risk management ability is often not sufficient. IT risk may threaten the going concern of a firm because the size of damages becomes larger as technology improves. Thus IT should not be managed just at the IT department level but at the enterprise level. That is, IT governance is strongly related to shareholder’s value. In this perspective, the firm’s board, as an agent, is extremely important to protect the value of shareholders, the true owners of the firm.
Previous researches on information systems only considered CEO, CIO, and IT executives as stakeholders while neglecting the board. However, information systems are now considered as the foundation for the firms’ core businesses and the investments in information systems increase along with more functionally advanced requirements and thus risks are rising accordingly. This phenomenon demonstrates that the past view of IT as a functional part should be transformed into the perspective of IT governance.
Theories that support the righteousness of the board’s involvement in IT decision making may be found in the agency theory and the strategic choice theory. In the agency theory’s view, the board may be used as a monitoring mechanism for shareholders’ benefit. According to this theory, the board is to monitor and assess the conducts of agents (CEO and management), to align their rewards to business performance, and to assign or dismiss them in order to protect and maximize the shareholder’s value. Fundamentally, it supports the perspective that it is critical to prevent the shareholder’s loss due to fault decision makings triggered by the management’s incompetence, delinquency, or misconduct.
Strategic choice theory states that organization structure is defined by strategic choice of management with authority. This view focuses on individuals or groups in the organization to explore the organization process. This ruling group is able to strategically form a specific organization structure to maintain and strengthen its power, but the final formation of organization structure may not necessarily maximize the effectiveness of organization. In this case, the fiduciary responsibility of the board is to assure the maximization of shareholders’ wealth. Therefore, the board is required to involve aggressively in the strategic decision making for positive outcome. The most widely discussed issue regarding the board’s role is the effect of its involvement in the strategic decision making on financial outcome of the organization. Strategic decision makers in this theory are to pursuit the optimization of financial outcome in its firm. When applying this theory to IT governance, the board should pay attention to the strategic IT decision making.
The strategic choice theory strengthens the shareholder’s benefit by allowing the board’s involvement in the strategic decision making and thus complements the perspective of business-IT alignment. The board’s involvement in the strategic IT decision making directly influences the business-IT alignment and IT risk readiness level. In consequence, it makes the impact on effectiveness of IT and business performance. The performance of an organization, in this study, is the effectiveness of IT and business performance. Both of them are measured qualitatively using the perception of CIO and other business executives. Subjective measurement is a widely adopted method for measuring the strategy itself or related performance. This research conducted surveys on one CIO and two other business executives of a firm.
Total of 1470 questionnaires were distributed. Answered questionnaires were 285 copies and 271 of them were valid for analysis. 105 CIOs (38.7%) and 166 business executives (61.3%) responded. By classifying by firms, total of 110 firms have sent more than a copy. In order to analyze the difference between CIOs and business executives, we conducted independentsample t-test but did not find a noticeable difference. PLS was used for analysis method and analysis instrument was PLS-Graph 3.0.
Business performance has R2 value of 14.8%, alignment of business and IT has 22.3%, and risk readiness is 30.9%. Effectiveness of information systems is 66.5%. R2 value of business performance may be explained by the fact that there are many factors that affect the business performance besides IT. That is, involvement of the board in the strategic IT decision making has effect on business-IT alignment and IS risk readiness. Then these will influence the effectiveness of IS and this loop finally affect the business performance. The business-IT alignment and IT risk readiness explains effectiveness of IT at the level of 66.5%. In addition, a path coefficient of business-IT alignment has the highest value, 0.575.
Effectiveness of IS explains business performance by a level of 14.8%. The path coefficient between IS risk readiness and effectiveness of IS has the lowest value, 0.278. This proves that the firm’s IS risk preparation is still vulnerable.
In summary, this research found that the board’s involvement in strategic IT decision making has influences on business-IT alignment and IS risk readiness - factors of IT governance - and they create positive effects on the effectiveness of information systems and also on business performance. The expected contribution of this research is that first it has extended IT management to IT governance perspective; second, it ascertains that the board’s involvement in IT decision making creates favorable results of a firm performance and furthermore the direction of strategy of a firm.