Information technology plays a strategic role in corporate decisions. IT governance aims to align the IT processes with a firm’s business strategies, leverage on technology infrastructure, and control IT-related risks and costs (Jairak & Praneetpolgrang, 2013). Different models exist for IT management, e.g., COBIT, which supports business-IT alignment. A generic balanced scorecard (BSC) can also be used in IT governance and business strategy execution. This paper compares and contrasts BSC and COBIT and describes the context in which each model is used.
Similarities
The BSC is a strategic alignment tool that enables planners to translate business goals into measurable key performance indicators (KPIs) (Herdiansyah, Kunang, & Akbar, 2014). Similarly, a vital characteristic of the COBIT model is business orientation implemented through the performance goals and metrics application. According to Zhang and Fever (2013), COBIT is based on the premise that IT governance is anchored on information required to support corporate goals. The data that feeds this framework comes from the three dimensions of this model: “information criteria (integrity, confidentiality, etc.), IT resources, and IT processes” (Zhang & Fever, 2013, p. 392). COBIT lends IT performance metrics a business orientation.
The COBIT control objectives fit into the BSC model. It specifies three levels of measurements: IT, process, and activity metrics that delineate business expectations from IT, process-related deliverables that support IT goals, and means of achieving the desired performance, respectively (Zhang & Fever, 2013). Outcome and performance measures constitute the KPIs that can be used to track IT operations. Similarly, the BSC method contains metrics clustered into four fundamental domains: “financial, internal business, customer, and innovation and learning” (Kopecka, 2015, p. 61). Thus, the usage of strategic business/IT goals and KPIs to monitor performance are common in both frameworks.
Cascading BSC can help support business integration, supply chain consolidation, and team accountability through KPIs like lead-time, quality, defect rates, etc. (Herdiansyah et al., 2014). The metrics capture the performance of all stakeholders and partners involved in the business process. Similarly, COBIT uses RACI charts to delineate the obligations of different actors in IT governance. Zhang and Fever (2013) state that the duties of the CEO, CFO, and CIO, among others, are implemented in the COBIT 4.1 version. At the heart of this model are stakeholder orientation, strategy-IT alignment, and operational excellence. Thus, business/IT function integration is a standard feature in the two models.
Differences
COBIT is primarily an IT governance framework that provides business-IT alignment tools useful for IT management. It comprises three elements: “information criteria, IT resources, and IT processes” and related objectives to enable executives to balance risk and control in IT projects (Zhang & Fever, 2013, p. 393). In contrast, the BSC method consists of four perspectives – financial, internal business, customer, and innovation and learning – that help management adapt performance metrics to a firm’s strategic objectives (Kopecka, 2015). As such, while BSC supports the execution of business strategies, COBIT aims to link business management and IT control. The latter model gives a roadmap for improved IT service, identification of risks, and development of controls. In comparison, the BSC methodology guides the implementation of vision and strategy.
The two frameworks also differ in their role in meeting enterprise needs. COBIT facilitates business-IT alignment, responsible use of IT resources, and efficient IT risk management (Zhang & Fever, 2013). On the other hand, BSC meets enterprise needs by enabling planners to manage business performance (quality, productivity, etc.), customer satisfaction, and organizational learning. Therefore, while COBIT is limited to IT governance and information security, BSC gives a spectrum of performance metrics to managers. COBIT allows executives to establish a robust IT control system, while BSC helps in internal process improvement.
Further, COBIT emphasizes on the enterprise need met by each control objective (Zhang & Fever, 2013). In contrast, the BSC proposes that we view business performance in the context of strategy. Improvements in the learning and growth perspective would translate into better internal processes and customer and financial outcomes for the enterprise (Kopecka, 2015). Thus, the framework helps management to know what to do in the four BSC perspectives to achieve the desired results. In contrast, COBIT allows managers to maximize the value of IT investments, avoid risks, support auditing, and comply with regulations (Zhang & Fever, 2013).
Context
The context in which BSC is applied is primarily in strategic planning and management. It supports managerial decision-making in large firms through a spectrum of performance metrics. It can also be used in smaller entities; however, the number of KPIs must be reduced (Kopecka, 2015). Based on board-level strategy or vision, the management defines strategic objectives, implementation activities, and metrics in line with the BSC model. COBIT is primarily applied in IT governance, risk, and security. Corporate investments in IT are growing to support business informational needs. In an environment faced by cyber threats and privacy infringement, implementing COBIT is critical to receive optimal value from the IT resources and protect data from IT-related risks (Zhang & Fever, 2013).
Conclusion
Both BSC and COBIT models involve performance metrics and goals and include a certain level of process integration. However, some conceptual differences exist between the two – constituent elements, role in enterprise need, and strategic vs. control objectives. In addition, the context in which BSC is used (strategic planning) is different from that of COBIT (IT governance).
References
Herdiansyah, M. I., Kunang, S. O., & Akbar, M. (2014). IT strategy alignment in university using IT balanced scorecard framework. Advanced Science Letters, 20(1), 2038-2041. Web.
Jairak, K., & Praneetpolgrang, P. (2013). Applying IT governance balanced scorecard and importance-performance analysis for providing IT governance strategy in university. Information Management & Computer Security, 21(4), 228-249.
Kopecka, N. (2015). The balanced scorecard implementation, integrated approach and the quality of its measurement. Procedia Economics and Finance, 25, 59-69. Web.
Zhang, S., & Fever, H. L. (2013). An examination of the practicability of COBIT framework and the proposal of a COBIT-BSC model. Journal of Economics, Business and Management, 1(4), 391-395. Web.