Evaluation of the Impact and Effectiveness of Information Technology Governance in the National Regulator for Compulsory Specifications (NRCS)


  • Lourens Johannes Erasmus
  • Alfred Malasele Sekhula


Corporate Governance; Performance Management; Risk Management; Information Service Provider


Corporate governance has received a lot of attention over the last few years. Major factors
contributing to this are a number of major corporate fraud cases and the introduction of new
regulations, such as the Sarbanes-Oxley Act in 2002 for American companies and the King II report
for South Africa. The attention to corporate governance also leads to attention to information
technology (IT) governance because IT plays a vital role in supporting business processes.
Information technology governance is a subset discipline of corporate governance, focusing on
information and technology and its performance and risk management. Information technology
governance is essential to ensure that the National Regulator for Compulsory Specifications (NRCS)
gets expected return on investment. Information technology (IT) governance is all about the
implementation of processes, structures and mechanisms that enable business to realise value from IT
investment. The main objective of this study was to evaluate the impact and effectiveness of IT
governance in NRCS. The researcher’s aim was: to examine the effectiveness of IT controls
implemented on the NRCS IT systems; the enforcement of IT policies; the alignment of the IT
department with business; and accountability of IT management. This study was conducted using a
qualitative research design – specifically case study as a research method. A case study allowed the
researcher to gather information through interview questions and observation of the target population,
which comprises NRCS management, IT personnel and systems. To conclude the study, the
researcher has identified factors prohibiting the NRCS IT department to enforce and implement IT
governance for NRCS to realise return on investment they made on IT infrastructure. The inferences
may be drawn that effectiveness of IT governance can be achieved by training management and IT
personnel in IT governance, using approved IT policies and aligning IT strategy with a business