https://doi.org/10.22463/2011642X.3674
Recibido: march 15, 2022 - Aprobado: august 26,2022
How to cite:
G.P. Vergel-Arévalo, T. Velásquez-Pérez & H.F. Castro-Silva, “Digital transformation in state entities”, Rev. Ingenio, vol. 20(1), pp.
53-57, 2023
State companies have models of governance and management of Information Technology - IT, which are structured from the perspective of ISO/IEC 38500:2015, COBIT, MinTIC guidelines, ISO 20000 and ITIL v3, which incorporate the key decision factors, policies and guidelines, model components, and value chain processes. This project proposed the revision of the improvement strategy applicable to these models, through the evaluation of the current situation and determination of the plan that allows raising the maturity level for the generation of value in Colombian state entities. For the development of the research with a quantitative approach, we start with the review of the current state of maturity and gaps of the IT governance model and the IT governance and management macro-process with respect to meeting the objectives and goals established in the IT processes. This is followed by the definition of the management plan to close the identified gaps aligned with the MinTIC guidelines, the COBIT 2019 framework, and the ITIL 4 information technology infrastructure library. Finally, the work concludes with a manual for the application of the improvement strategy to the proposed model.
Keywords:COBIT, digital transformation, IT governance, IT management, maturity levels, state entities
Las empresas del estado cuentan con modelos de Gobierno y gestión de Tecnología de Información -TI, los cuales se estructuran desde la perspectiva de la norma ISO/IEC 38500:2015, COBIT, lineamientos de MinTIC, ISO 20000 e ITIL v3, que incorporan los factores claves de decisión, políticas y lineamientos, componentes del modelo y cadena de valor de los procesos. Este proyecto planteó la revisión de estrategia de mejoramiento aplicable a dichos modelos, mediante la evaluación de la situación actual y determinación del plan que permite elevar el nivel de madurez para la generación de valor en entidades del estado colombiano. Para el desarrollo de la investigación con enfoque cuantitativo se parte de la revisión del estado actual de madurez y brechas del modelo gobierno de TI y el macroproceso de gobierno y gestión de TI frente al cumplimiento de los objetivos y metas establecidas en los procesos de TI, continúa con la definición del plan de tratamiento para el cierre de brechas identificadas alineado a los lineamientos de MinTIC, el marco de referencia COBIT 2019 y la biblioteca de infraestructura de tecnología de información ITIL 4 y se concluye con una guía de aplicación de la estrategia de mejoramiento al modelo planteado.
Palabras clave:COBIT, digital transformation, IT governance, IT management, maturity levels, state entities
Industry 4.0 is very recent and its application and impact is causing a lot of expectations [3]. Security challenges are very high in this industry, as developers face cyber threats, vulnerable devices, and poor security measures in the design and development of applications [4]. That said, although there is a model in alignment with reference frameworks, guidelines, and good IT practices, the implementation of these will be conditioned by the level of maturity of the organization and, in other cases, justified by local legislation [5]. Therefore, it is necessary to assess the level of maturity through mechanisms that provide a method to define the "AS IS" and "TO BE" situation of the governance maturity that allows defining the improvement based on them [6].
Colombia has developed mechanisms for the management of citizen services in its ongoing technological evolution. As a result, a state policy is generated, whose scope is the implementation and recognition of the use of Information and Communication Technologies - ICT. This is a fundamental instrument to improve public management and the state-citizen relationship [2], which is self-diagnosed by the entities through the management progress report.
Similarly, Indonesian IT policy has been formulated to ensure that IT governance in public organizations conforms to the rules and method in IT, which needs monitoring and evaluation in its compliance management [7]. On the hand, the private sector level, as is the case study of XYZ-edu, evaluates the maturity level of IT governance to increase the level of maturity and control of information technology that is appropriate for each area or business process [8].
Organizations have been driven to use information technologies in the daily operation of processes to generate value for customers and users. This motivation to satisfy the demand for increasingly agile and digital services gives relevance to the alignment of the digital transformation of procedures and services. As a result, the demands for maturity levels are higher.
Most state-owned companies have operational IT Governance and Management models in place and positioned. However, it is necessary to continue improving the IT incorporation in the strategy of state entities. The proposal of improvement strategies applicable to IT government models for digital transformation in state entities, not only allows meeting the requirements of the governing bodies, but also advancing in the development of the Digital Government policy and in the growth expected by the United Nations.
IT Governance is a fundamental part of corporate governance and is responsible for the ongoing oversight of processes, organizational structure, and mechanisms to enable the business and IT staff to carry out their responsibilities for business support/IT alignment, as well as business value creation [9].
IT governance integrates and institutionalizes best practices to ensure that IT supports business objectives, enables the enterprise to make the most of its information, maximize benefits, capitalize on opportunities, and gain competitive advantage. In consequence, COBIT 2019, which is a framework for the governance and management of enterprise information technology, is relevant to the entire company [9].
This framework makes a clear distinction between governance and management, with governance being the mechanism that ensures that stakeholder needs, conditions, and options are assessed to determine balanced and agreed business objectives. At the same time, this allows the management through prioritization and decision making with verification of performance and compliance with the agreed objectives[9].
Within the processes of the domain Evaluate, Manage and Monitor - EMM which deals with government objectives includes practices and activities oriented to evaluate strategic options, providing IT direction and monitoring output (Evaluate, Guide and Monitor) in line with the concepts of the ISO/IEC 38500 standard.
The objective of the International Standard ISO/IEC 38500 (2015) is to provide principles, definitions, and a model for governing bodies to use in assessing, directing, and monitoring the use of information technology (IT) in their organizations. Otherwise, the management of information technology in alignment with good IT practices is carried out with the Information Technology Infrastructure Library - ITIL, which is a set of best practices for Information Technology Service Management and is a registered trademark of the UK government and is protected by the English Copyright Act [10].
The first books published at the beginning of the century were replaced in 2007 by five publications that present suggested processes for the efficient management of technology in an organization, according to the different phases that IT services have in their life cycle. The phases were framed in the strategy, design, transition, and operation of the services. These phases were accompanied by a discipline that supports organizations transversally recognized as continuous improvement.
ITIL has led the IT Service Management - ITSM industry with guidance, training, and certification programs for over 30 years. This is updated by redefining much of the established ITSM practices in the broader context of customer experience, value streams and digital transformation, as well as the adoption of new ways of working, such as Lean, Agile and DevOps, now aligned with the fourth industrial revolution, the now aligned with the fourth industrial revolution, the digital era. As a result, the new framework for technology service management is called ITIL 4.
IT Corporate Governance is concerned with the creation of value from digital transformation and the mitigation of business risk derived from this transformation. In light of the digital transformation, information and technology (I&T) has become essential to the support, sustainability and growth of businesses. Previously, governing councils (steering committees) and senior management could delegate, ignore or avoid decisions related to I&T [9].
In the State, according to the National Planning Department, digital transformation implies changing its processes, incorporating modernization in tools, inclusion of technology, and adequate management of massive data to improve efficiency and value generation [11][11].
The scope of the research is based on the descriptive study that seeks to specify the properties, characteristics, and processes that are subjected to analysis and aims to measure or collect information independently or jointly on the concepts or variables to which it refers. In other words, the objective is not to indicate how the measured variables are related to each other [12].
The technique of document analysis and field instruments such as surveys and direct observation will be used mainly for the assessment of the current state of maturity and gaps of the IT Governance Model. For the development of the treatment plan to close the gaps identified in the current application of the IT Governance Model, interviews and documentary analysis will be carried out. This will guide the application of the improvement strategy to the IT Governance Model and the macro process of Governance and Management of Information Technology of pension entities.
The Online Services Index (OSI) is a measure of the scope and quality of the provision of online services. The Telecommunications Infrastructure Index (TII) determines the state of development of the telecommunications infrastructure. The Human Capacity Index (HCI) is a measure of literacy level and schooling rate.
To determine the E-Government Development Index, a survey is conducted, which is mainly aimed at decision-makers in policy-making, members of academic institutions, professionals from the private sector, civil society, as well as public officials with expertise in public administration and information technologies for e-government E-Government and ICT for development [13].
Over the years, various surveys have been carried out to measure the level of IT development in member states of the United Nations [13]. (See Table 1).
At the Central American level, in 2005 the Mexican Inter-Secretarial Commission published the Agreement for the Development of Electronic Government (EGD). This allows the contribution of those responsible for the areas of information technology in the development of Digital Government, aiming to generate progress with the incorporation of information technology. Between 2007 and 2009, an annual evaluation of the maturity of Digital Government was performed by the Digital Government Unit and support of the institutions of the Federal Public Administration, obtaining an indicator value of 6.19 in 2007, 6.77 in 2008 and 7.01 in 2009 [14].
Likewise, in the 2010 evaluation, Mexico was ranked 56th in the global ranking with a value of 0.5150. In 2012, the country was ranked 55th with a value of 0.6240 and ranked No. 8 among the countries of the Americas. In this same evaluation, Colombia obtained an index value of 0.6572 for 2010 and 0.6125 for 2013, with a ranking of No. 4 in Central America, according to the same index [13].
The questionnaire assesses a series of characteristics related to various topics that allow measuring the evolution of ICTs. The survey data are collected by a group of researchers through a primary research and compilation effort (See Figure 1).
In Colombia, a planning and management integrated model - PMIM [16] has been designed, which integrates the administrative development and quality management systems in coordination with the internal control system. The model is made up of seven dimensions, each of which groups management and institutional performance policies. The purpose of the Management with values for results dimension is to achieve compliance with institutional strategic planning through the execution of the necessary activities within the framework of public service values. This dimension is composed of two perspectives: one associated with the proper operation of the organization called "from the window inwards"; and the other centered on citizen-focused services "from the window outwards".
The "inward window" has a Digital Government policy that seeks to promote the use and exploitation of Information and Communication Technologies (ICTs) to consolidate a competitive, proactive and innovative State and citizens that generate public value in an environment of digital trust [16].
In Colombia, the Single Management Progress Report Form (FURAG) has been developed and is the online tool for reporting management progress, as well as an input for the monitoring, evaluation, and control of institutional performance.
The 'Plan Vive Digital Para La Gente' 2014 -2018 is the roadmap of the Ministry of Information and Communication Technologies [17]. This plan seeks to reduce poverty, generate employment, and develop solutions to the problems of Colombians through the strategic use of technology. The objective is to have a more efficient and transparent government thanks to ICTs, as well as to provide the best online services and procedures to citizens through Online Government.
The ICT Plan 2018-2022 'El Futuro Digital Es De Todos' has its focus on providing massive connectivity coverage nationwide considering both rural and urban areas. This plan aims to use internet as an instrument to close the digital divide, supplying quality network access with the necessary speed to transform the country's social and economic conditions [18].
In 2018, Colombia, in terms of digitization of public services, obtained a score of 0.6871 out of 1 according to the E-Government Development Index (EGDI), achieving the 61st position among 193 countries. With this result of the verification [18], the country fell 4 positions with respect to the 2016 measurement, maintaining the negative trend presented in previous measurements.
In the verification of the 2020 index, Colombia obtained a score of 0.7164 being higher than in 2018. However, the country maintained its 61st position in the international ranking. In addition, it ranked among the six countries in the Americas with the highest EGDI values, among which Mexico, Barbados, Colombia, Peru, Bahamas, and Ecuador stand out.
MinTIC's IT Management and Governance Model Master Document [19] describes the structure of the model, the domains and guidelines, the model's guidelines, the evidence to be generated, as well as the processes that allow IT to be properly managed (see Figure 2).
Source. [19]The improvement strategy applicable to the IT governance model for digital transformation includes people and digital culture, business processes, data and analytics, as well as technology (See Figure 3).
In the IT governance model for digital transformation, the maturity level of 0 non-existent, 1 with few structured activities, 2 initially defined, 3 operational fully implemented and 4 optimized can be determined. In addition, it includes processes, data, technology, as well as people and their digital culture.
[1] C. E. Marulanda Echeverry, M. López Trujillo, and F. J. Valencia Duque, “Gobierno y gestión de ti en las entidades públicas,” AD-minister, no. 31, pp.75–92, Nov. 2017. Doi: https://doi.org/10.17230/ad-minister.31.5.
[2] Ministerio de Tecnologías de la Información y las Comunicaciones, “MGGTI.G.GEN.01 –Documento Maestro del Modelo de Gestión y Gobierno de TI,” vol. V 1.0, pp. 1–51, 2019.
[3] E. A. Chacón-Ramírez, J. J. Cardillo-Albarrán, and J. Uribe-Hernández, “Industria 4.0 en América Latina: Una ruta para su implantación,” Rev. Ingenio, vol. 17, no. 1, pp. 28–35, 2020. Doi: https://doi.org/10.22463/2011642x.2386.
[4] J. S. Rueda Rueda, “El reto del desarrollo seguro de aplicaciones IoT en un mercado acelerado,” Rev. Ingenio, vol. 18, no. 1, pp. 54–61, 2021. Doi: https://doi.org/10.22463/2011642x.2667.
[5]J. Honores Ortiz and S. Bayona-Oré, “Implementación de un Marco para el Gobierno TI en una Entidad Financiera,” Iber. J. Inf. Syst. Technol., pp. 220–233, 2019, [Online]. Available: http://search.proquest. com/openview/51fd6ca3e764341b64712e419022d2 b4/1?pq-origsite=gscholar&cbl=1006393
[6] S. De Haes and W. Van Grembergen, “Information technology governance best practices in Belgian organisations,” in Proceedings of the Annual Hawaii International Conference on System Sciences, 2006, vol. 8, p. 195b. Doi: https://doi.org/10.1109/HICSS.2006.222.
[7] L. N. Amali, M. Mahmuddin, and M. Ahmad, “Towards good monitoring IT governance in public sector organizations,” ARPN J. Eng. Appl. Sci., vol. 10, no.3, pp. 1203–1209, 2015.
[8] A. Ishlahuddin, P. W. Handayani, K. Hammi, and F. Azzahro, “Analysing IT Governance Maturity Level using COBIT 2019 Framework: A Case Study of Small Size Higher Education Institute (XYZ-edu),” 2020 3rd Int. Conf. Comput. Informatics Eng. IC2IE 2020, pp. 236–241, 2020. Doi: https://doi.org/10.1109/IC2IE50715.2020.9274599.
[9] ISACA, COBIT 2019 Marco de referencia:Introducción y metodología. 2019. Accessed: Nov.17, 2022. [Online]. Available: https://issuu.com/koshertechnology/docs/cobit-2019-framework-introduction-and-methodology_
[10] D. P. Castellanos Reyes and D. M. Velásquez Sarmiento, “Plan de mejora para la Transformación Digital en una Empresa de Telecomunicaciones,” UNIVERSIDAD EXTERNADO DE COLOMBIA, 2018. [Online]. Available: http://administracion.uexternado.edu.co/es/centros/tecnoprod/asignaturas/ desarrollosostenible/justificacion.html
[11] Departamento Nacional de Planeación, “Plan Nacional de Desarrollo 2018-2022 ‘Pacto por Colombia, pacto por la equidad.’""
[12] R. Hernández Sampieri, C. Fernández Collado, and P. Baptista Lucio, METODOLOGÍA DE LA INVESTIGACIÓN. 2018. Doi: https://doi.org/10.17993/ingytec.2018.46.
[13] Departamento de Asuntos Económicos y Sociales,E-Government Survey 2012. New York, 2012. Doi: https://doi.org/10.1017/9781316599983.002.
[14] C. Hernandez Tufiño and C. A. Rodríguez Fuentes, “Evaluación De La Madurez De La Plataforma De Tic Del Gobierno Federal Mexicano Con Respecto a Países Seleccionados,” 2011. [Online]. Available: https://infotec.repositorioinstitucional.mx/jspui/bitstream/1027/168/4/Trabajo final - Cesar Claudio - 290811.pdf
[15] Organización de las Naciones Unidas [ONU], “Paz, dignidad e igualdad en un planeta sano,” Naciones Unidas, 2020.
[16] Función Pública, “Cómo opera MIPG - MIPG - Función Pública,” Departamento Administrativo de la Función Pública, 2016.
[17] MinTIC, “El Plan Vive Digital 2014-2018,” 2014. Accessed: Nov. 17, 2022. [Online]. Available: http://www.mintic.gov.co/portal/vivedigital/612/w3-article-19654.html
[18] PlanTic, “Plan TIC 2018-2022 El Futuro Digital es de Todos,” El Futur. Digit. es Todos, pp. 1–105, 2018.
[19] Mintic, “MANUAL DE GOBIERNO DIGITAL Implementación de la Política de Gobierno Digital,” vol. 2018, pp. 1–38, 2018.
* Magíster (c).Correo: gpvergela@ufpso.edu.co
** Doctora.Correo: tvelasquezp@ufpso.edu.co
*** Doctor. Correo: hugofernando.castro@uptc.edu.co