Investigating IT Governance Practice and Its Application, Benefits, and Administrative Implications in the Banking Sector, Saudi Arabia

Governance is one of the most effective tools to stimulate investments because it encourages the growth of financial markets. IT governance is a fundamental part of corporate governance. It helps achieve many advantages and benefits for companies. This study aims to examine the level of IT governance practice and its application, benefits, and administrative implications in the private banking sector in Saudi Arabia. To achieve the research objective, the inductive and deductive research approaches are employed to address the questions and collect the data. A 5-point Likert scale questionnaire was administered to three categories of employees in the selected Saudi banks. The findings revealed that IT governance contributed to creating a competitive advantage and adding real value to the banks through improving their reputation, increasing the market share, and enhancing customer satisfaction, which resulted in an improvement in the value of the banks. However, it is recommended that the rules of control and the principles of IT governance are considered in the future policies of Saudi banks, their mission, structures, and decision-making.


Introduction
Giant businesses in different countries worldwide have collapsed and notorious scandals of financial crime and fraud, as well as administrative corruption, have rocked the financial markets. The WorldCom scandal in 2002 following a massive accounting fraud, the stakeholders' huge losses of Enron in the United States, and the collapse of Robert Maxwell's business empire in the United Kingdom were not just the biggest accounting scandals in history; they were the biggest corporate bankruptcies of all time. These incidents have made the international community realize that the rules, which governed the performance of companies, have proved to be inadequate and ineffective (Markham, 2015). As a result, the international community, represented in various local and international organizations, has developed new controls that govern the performance of companies through the governance bodies of financial markets and other relevant bodies. These controls are referred to as Corporate Governance Principles (Bonn & Fisher, 2005).
The financial industry, particularly the banking sector was seriously affected throughout the last two decades by rapid advancements in information and communication technology, which has changed the way banks are organized, their business strategies, and relationships with customers (Mehdiabadi et al., 2020). In this regard, Duffy (2004) emphasized that governance is one of the most effective tools to stimulate investments in countries because it encourages the growth of their money markets. Governance involves delivering honest and transparent financial statements. Due to the wide-ranging implementation of IT in managing the companies' operations and activities, the noticeable increase in their investments, and the increase of the value of strategic information (profitability of products, services and customers, market opportunities, threats of competitors, customer satisfaction, and technological innovations), it is, therefore, important to adopt more effective governance practices, which support strategic performance by focusing on IT governance (Wellens & Jegers, 2014). The wrong IT application results in incurring enterprises significant financial losses that may sometimes push them to lower their competitiveness or affect the reputation and value of the enterprise, thereby ending up out of the market entirely (Fletcher, 2006). IT governance is an integral part of corporate governance; it can achieve many advantages for companies. These include enhancing profitability and the effectiveness of the performance of business sectors, achieving competitive advantage, achieving stability and credibility of financial sectors at the local and international levels, promoting trade cooperation, and strengthening the relationship between business enterprises and stakeholders of all groups (Fakhra, 2001). Moreover, IT governance contributes to making many strategic decisions related to implementing and operating IT, thereby linking it with the overall strategic goals of business organizations. Therefore, IT governance has facilitated the process of collecting, recording, organizing, filtering, analyzing, and retrieving specific information and publishing it, including documents, records, and data stored in the computer's memory (Ul Musawir et al., 2017). For any business organization, information management systems are valuable because they compile and classify the best practices, store, and distribute them across the organization, which makes the organization less vulnerable to employee turnover (Javier & Fá tima, 2011). The impact of the tremendous development in the field of information technology, which is based on the use of electronic computers in the production of information and electronic data processing systems in performing the required tasks is noticeably considerable. This has, in turn, resulted in a significant decrease in time and routine work that was manually applied daily by employees in the company (Lin, 2011). Accordingly, information is analyzed and processed to provide reports that help in rationalizing the decision-making process, generating planning budgets, and contributing effectively to make strategic decisions in the company. The use of modern information technology in information systems has provided many benefits. These benefits include accuracy in performing operations, speed in providing the necessary information, a significant reduction in operating costs, and tightening internal control over the implementation of operations (Zhu, 2004). Moreover, IT governance has an effective role in creating competitive advantages and adding real value to companies by maximizing the value, increasing competitive advantage, providing new products of high quality at lower costs, and improving the satisfaction of consumers and other related parties (Selig, 2018). Therefore, this study aims to address the following research question: 1. What are the elements and dimensions of the concept of IT governance in the banking sector in KSA? 2. Does IT governance play a role in enabling banks' IT governance and enhancing competitiveness?
3. Does IT governance increase the quality of administrative information in terms of reliability and suitability?
This study is significant research in the application of the IT governance principles and practices in business organizations due to the lack of related studies in the context of the developing countries, particularly the Arab world. The findings of this study emphasized that the increasingly growing business trend towards utilizing advanced techniques of information technology and the shift from traditional manual accounting systems to very advanced electronic accounting systems. Furthermore, the significance of the study is derived from the significant concept of IT governance and its application, which can achieve the interaction of financial and administrative systems in the interest of capital, investors, and stakeholders. Academically speaking, this study is significant research, which contributes to enriching the literature on IT governance and providing further insights into IT governance elements and dimensions. Unlike previous studies, this study investigated IT governance from an administrative standpoint, not from an accounting perspective. Finally, the findings of this study contribute to the body of knowledge in the wider Arab context IT governance to increase the quality of administrative information and improve decision-making in the Saudi banking sector.

Information Technology (IT)
The tremendous and rapid changes over the last era of the twentieth century have increased global competition and the transformation of many large organizations into multinational companies. Therefore, the success and survival of organizations are very much dependent on their rapid response to adapt to these changes. IT provides the necessary tools, which help respond quickly and adapt to these changes efficiently and effectively. Industrial developments and the continuous shift towards increasing the degree of machinery and the use of advanced IT emphasized the necessity to keep abreast of this new technology to remain strong and productive by being able to compete and survive (Al-Mashari, 2005). IT has become the primary engine of change and, therefore, it is the basis for managing the processes and knowledge necessary to create and maintain economic and social activities for companies. The ability of companies to survive, grow, and continue is largely dependent on their efficiency in managing their IT systems to seize opportunities, take advantage of benefits, face challenges, and manage risks. Therefore, IT should be considered as an investment, which must be managed, not as a cost that must be contained (Nolan & McFarlan, 2005). Also, IT enables the organization to shorten time and distances in communications, increase the range and depth of information access, and encourage faster and more effective sharing of knowledge (Abu Musa, 2005).

The Application of IT Governance Practices
It is important to support an effective application of IT governance practices within organizations. This can be done as follows (Robinson, 2005): -Creating value: IT can create value for organizations if they are included in the organization's mission and strategy. The application of IT should meet the organization's requirements and its operations. This can be carried out through committees of supervision and guidance to achieve the feasibility of such an investment.
-Adding value: Investing in IT is a difficult administrative decision to be made due to the high costs incurred and uncertainty regarding its results. Therefore, a balance must be made concerning costs, risks, and revenues of IT investment.
-Sustaining value: The integration of internal control and IT-related risk management programs helps strengthen the organization's ability to create and sustain value by establishing a risk and control management framework. These processes must be continuous to identify and minimize the impact of risks and challenges such as detecting disasters or crises early to maintain the survival of businesses.
-Resource management: The investment in IT resources is an important item in the budget of any firm owing to the high investment costs in IT resources. Businesses face many challenges to maintain IT devices, data, and applications through constant, periodic updates. The IT resources include hardware, applications (software), databases, and employees who are carefully trained to acquire the necessary skills.
-Performance management: It is necessary to have specific mechanisms to measure the IT performance, the use of resources, the accompanying services, the performance of operations, and service delivery. These methods include the organizational capacity increase model, the balanced scorecard record, Six Sigma for measuring quality, and statistical analyses.
-IT governance supervision: both corporate governance and IT governance are interrelated processes that should be integrated into the firm's organizational structure. The implementation mechanisms of IT governance are 1) social mechanisms of implementation, 2) intellectual mechanisms of implementation, and 3) other supporting mechanisms of implementation of IT governance. Regarding the social mechanisms, the results of previous studies indicated that the social dimensions are an important factor in the implementation of the IT project and the development of implementation processes in the organization. Regarding the intellectual mechanisms, several communication channels can be used to publish and document businesses through many electronic sources. The IT manager manages knowledge by promoting and sharing it with employees by providing databases that allow them to easily access data (Schroeder & Pauleen, 2007). The reactions of clients and their feedback about the services are important to be recorded by informal committees that follow complaints and inquiries and provide the required consultation (Chatwin, 2002). Concerning the supporting mechanisms of applying IT governance in the company, these include strategic planning, whereby the executive manager shoulders the responsibility of implementing the IT project by providing advice on various implemented mechanisms. He is also responsible for reviewing the company's annual reports, reviewing plans and models, and integrating them into the strategic planning and decision-making processes as part of the IT governance (Müller et al., 2019). However, the implementation of these mechanisms is a difficult and complicated process, which requires hugely concerted efforts. Therefore, mechanisms such as training employees on information systems, information technology, and making use of previous successful experiences and models in the implementation of the IT project are crucial along the application process (Rothwell, 2010).

The Concept of Administrative Information Quality
Due to the existence of gigantic companies with their wide-ranging activities, means, and methods for gathering, analyzing, and classifying information has become necessary to be made available when decisions are made. These methods are called information systems (Fleisher & Bensoussan, 2015). The information system involves the operations of data collection from separate sources as an input of the system. This information is analyzed, classified, and documented to generate output information for the management in the decision-making process (Beckers & Bsat, 2002). Therefore, adopting a sound, scientific method or approach to obtain this information and organize the process of using it is one of the first and most important duties of modern management to rationalize its decisions, especially when this administration faces a huge amount of information on various aspects of daily work (recently called the Approach Information System). The concepts of quality of information involve two important elements, including general standards for measuring the quality of information and the characteristics of information quality (Lee et al., 2002). Information quality can be measured by five general standards, i.e., accuracy, the usefulness of information, efficiency, effectiveness, and prediction. According to the accuracy measure, the more accurate the information is, the higher the quality of information will be and the more valuable the information is (Al-Baz, 1990). Regarding the usefulness of information, this measure can be divided into five types of benefits, including formal benefit, time benefit, place benefit, the evaluation benefit, and the corrective benefit of information (Hussain et al., 2015). Regarding the characteristics of information quality, two main characteristics that can make information useful and meaningful for the decision-maker; relevant and reliable. In describing these two characteristics, the FASB indicated that relevance can be achieved when it has sub-properties, including the right timing, regulatory value, and predictive value. As for the reliability feature, it can be achieved when it has sub-properties, including the validity of information, objectivity, verification, comparability, and consistency of information when applying policies and procedures (Whittington, 2008). Figure 1 shows a conceptual framework of IT governance practices and its applications, benefits and administrative implications based on the literature review.

Research Methodology
To achieve the study objective, inductive and deductive research approaches are employed to address the research questions. Following the inductive method, data were collected from different sources, including related books, references, and scholarly papers regarding information technology governance, as well as published reports that addressed the topic. On the other hand, the deductive method was used to examine the level of IT governance practice and its application, benefits, and administrative implications in the private banking sector in Saudi Arabia. To collect the data of the study, a 5-point Likert scale questionnaire was developed as the primary research instrument in this study. A stratified sampling method was adopted to calculate the representative sample due to the large size of the population. According to Al-Sayyad (1990), the following equation was used to calculate the sample size. The study population included the programmers and accountants in the financial, accounting, and administrative departments, the managers of information systems, and the IT experts in the selected Saudi banks. These banks included Al-Rajhi Bank, Arab Bank, National Commercial Bank, Riyad Bank, the Saudi French Bank, Saudi American Bank (SAMIA), the Saudi British Bank (SABB), and the Saudi Dutch Bank, as well as clients of these banks. Because of the large size of the population, a stratified sampling method has been implemented for a representative sample of the population. the sample size is calculated by using the following equation (Khalifa, 2005).

Analysis and Discussion of Results
The respondents of the questionnaire are divided into three categories: the programmers and accountants in the financial, accounting, and administrative departments (103 employees), the information systems managers (18 employees), and the IT experts (91 employees) in the selected banks. Table 1 illustrates the obtained response rate of the questionnaire, which is reliable. Moreover, SPSS was implemented to perform statistical data analysis, including the reliability of the study variables and hypotheses testing. Table 2 illustrates the alpha coefficients' values of the variables. Based on the reliability results of Cronbach's alpha in Table 2 (ranging from 0.5714 to 0.8124), the values are reliable and, therefore, the results can be generalized. In the following section, the descriptive statistical analysis of the study variables is provided. Table 3 illustrates the respondents' perceptions about the application of IT governance in the selected Saudi banks, which shows total agreement among the respondents about the necessity of implementing IT governance. Based on Table 3, the most important respondents' trends towards IT and information technology governance according to the arithmetic mean are as follows:

The Application of IT Governance
 (X1.9) Information technology governance focuses on the necessity of the strategic link between service providers and customers (Average capacity 4.71).
 (X1.6) Information technology governance is an integral part of the governance system because the IT governance principles include defining the responsibilities of the board of directors and holding shareholders accountable to the board (Average capacity 4.62).
 (X1.2) Implementing IT governance is the responsibility of the bank's board of directors and executive management (Average capacity 4.57).
 (X1.1) The cost of IT can be justified by the benefits expected from it (Average capacity 4.06).
 (X1.8) The implementation of IT governance requires the support of leadership, organizational structures, and operations in the bank, including the bank's strategy and objectives to be achieved (Average capacity 3.48).
The results, which are illustrated in Table 3 showed that the standard deviation of all the variables is less than .14, which means that there is no variation in the answers of the respondents and that all the answers are close to the arithmetic mean of the variable. Also, the results showed that there is an agreement on arranging the bank's orientations towards information technology and information technology governance at the level of each group and the level of the total sample. Table 4 illustrates the respondents' perceptions about the benefits and advantages of IT governance in the selected Saudi banks, which shows total agreement among the respondents that the application of IT governance can achieve many benefits and advantages for the bank. According to Table 4, the most important advantages, or benefits for the bank due to the implementation of IT governance according to its relative importance are as follows:

The Benefits and Advantages of IT Governance
• (X2.2) IT governance creates a controlled environment within the bank to ensure that IT is led and managed efficiently and effectively (Average of 4.89).
• (X2.3) IT governance leads to the achievement of clarity, credibility, transparency, responsibility, and internal control in the bank (Average of 4.83).
• (X2.8) IT governance adds value to the bank and minimizes risks associated with investments in IT (Average of 4.36).
• (X2.5) Implementing IT governance supports the achievement of organizational and business goals and maximizes investments in IT (Average of 4.28).
• (X2.10) IT governance creates a link between IT strategies and the bank's strategies (Average of 4.14).
According to Table 4, the results showed that the standard deviation of all the variables is less than 1.0, which means that there is no variation in the respondents' answers and that all the answers are close to the arithmetic mean of the variable. The results showed that there is agreement among the study groups that the application of information technology governance can lead to achieving several benefits/advantages for the bank. Table 5 illustrates the respondents' perceptions about the IT governance practices in the selected Saudi banks, which shows total agreement among the respondents about the banks' IT governance practices.  Table 5 shows that the most important practices adopted by companies in information technology governance, according to their relative importance, are respectively as follows:

IT Governance Practices
 (X3.2) Management and Director of IT Governance (Average of 4.64).
 (X3.9) continuous self-evaluation and assurance of the independence of IT governance control activities in the company (Average of 4.31).
 (X3.1) Committees to direct IT oversight in a company (Average of 4.23).
It is also evident from the previous table that the standard deviation for all variables is less than the correct one, which means that there is no dispersion in the answers to the sample items and that there is agreement on the arrangement of IT governance practices. Table 6 illustrates the respondents' perceptions of the administrative implications of IT governance in the selected Saudi banks. The results showed total agreement among the respondents regarding the IT governance's administrative implications. Based on the results in Table 6, the management implications of IT governance according to the arithmetic mean are as follows:

Administrative Implications of IT Governance
• (X4.1) Accuracy in performing mathematical and administrative operations (Average of 4.85).
• (X4.4) Increased ability to store massive amounts of data and information (Average of 4.37).
Besides, the results showed that the standard deviation of all the variables is less than 1.0, which indicates that there is no variation in the responses. On the contrary, there is consistency, convergence, and agreement on the specific answers about the administrative repercussions by the governance of information technology. Table 7 illustrates the respondents' perceptions about the impact of leadership and organizational culture on IT governance in the selected Saudi banks. The results showed total agreement among the respondents regarding the influence of leadership and organizational culture on IT governance.  Table 7 illustrates that both leadership and organizational culture play an important role in implementing IT governance in the bank and that its relative importance is as follows:

The Role of Leadership and Organizational Culture in IT Governance
 (X5.1) The effective leadership of the bank plays an important role in implementing IT governance (Average of 4.69).
 (X5. 2) The success in implementing information technology governance in the bank is related to the culture of learning and development (Average of 4.43).
 (X5.4) The success in implementing information technology governance in the bank is related to the culture of support and cooperation in the bank (Average of 3.88).
 (X5.3) Successful implementation of IT governance in a bank is related to participation in authority (delegation of authority) and decision-making (Average of 3.81).
The results in Table 7 showed that the standard deviation for all the variables is less than 1.0, which indicates that the respondents agreed on the importance of leadership and organizational culture in implementing IT governance.
Moreover, Kruskal Wallis Test was used to test the significance of differences between the averages of the respondents' perceptions about the previously analyzed dimensions of IT governance as illustrated in Table 8. Table 8 shows that the differences regarding the perceptions of the three study groups on the variables related to IT governance are insignificant differences at a significant level of 0.05 to 0.01. The results indicated that there is consistency among the groups about the relative importance of the sub-components of each variable of the study although they have different jobs.

Conclusion
The findings of the study emphasized that IT governance is an integral part of corporate governance. IT governance is considered one of the most important strategic determinants of the success or failure of organizations. In the Saudi banks, IT governance contributed to creating a competitive advantage and adding real value to these banks through improving their reputation, increasing the market share, and enhancing customer satisfaction and other related parties, which resulted in an improvement in the value of the bank. Consequently, the effective application of IT governance is considered an asset and a good investment for these banks. Moreover, the findings revealed that IT governance is a key element in the application of effective and advanced technology in banks. Furthermore, IT governance is an appropriate input to increase the benefit of information because one of the elements of strengthening the governance system is the existence of an efficient and transparent information system, which ensures the prompt provision of information. The results of the study showed that the most important advantages and benefits of implementing IT governance are: -Creating a controlled environment within the company to ensure efficient and effective leadership and management of IT. -Achieving clarity, credibility, transparency, and internal control in the company.
-Adding value to the bank and diminishing the risks associated with investments in IT.
-Supporting the achievement of organizational goals, business goals, and maximizing investments in IT.
-Establishing a link between IT strategies and the bank's strategies.
Moreover, the results of the study showed that the most important practices adopted by companies in IT governance are as follows: -Managing and directing IT governance.
-Training bank employees in IT projects.
-Providing continuous assessment and ensuring the independence of IT governance control activities at the bank.
-Providing IT control committees of IT projects.
Based on the findings of the study, the following recommendations are advanced.
-Making use of the multiple benefits achieved by the implementation of enterprise resource planning systems (ERP) and IT governance. Such an application can be utilized in business organizations operating in the Saudi context.
-Including the rules of control and the principles of IT governance in the future policies of Saudi banks, their mission, structures, and decisions.
-Emphasizing the importance of the role of senior management in the successful implementation of IT projects through an effective commitment and participation in implementing these projects.