Strategic portfolio of IT projects at universities: A systematic and non-conventional literature review

Valverde-Alulema, Francisco; Llorens-Largo, Faraón; Valverde-Alulema, Francisco; Llorens-Largo, Faraón

doi:10.15446/ing.investig.v39n2.72431

Services on Demand

Journal

Article

Indicators

Cited by SciELO
Access statistics

Ingeniería e Investigación

Print version ISSN 0120-5609

Ing. Investig. vol.39 no.2 Bogotá May/Aug. 2019

https://doi.org/10.15446/ing.investig.v39n2.72431

Artículos originales

Strategic portfolio of IT projects at universities: A systematic and non-conventional literature review

La cartera estratégica de proyectos de TI en las universidades: una revisión de literatura sistemática y no convencional

Francisco Valverde-Alulema¹

Faraón Llorens-Largo²

^¹Computer Engineer, Universidad Central del Ecuador, Ecuador. M.Sc. in IT Management, Escuela Politécnica Nacional, Ecuador. Ph.D. in Computer Science, Universidad de Alicante, Spain. Affiliation: Professor, Universidad Central del Ecuador, Ecuador. E-mail: fvalverde@uce.edu.ec

^²Computer Engineer, Universidad de Alicante. Spain. Ph.D. in Computer Science, Universidad de Alicante, Spain. Affiliation: Professor, Universidad de Alicante, Spain. E-mail: faraon.llorens@ua.es

ABSTRACT

One of the most accepted review methods in the scientific community is the Systematic Literature Review (SLR). A SLR process allows determining the interest of the scientific community in the subject matter of the preliminary research, the type of research and the areas of knowledge to which the topic is more related, among other aspects. For our research, we need to determine the scientific basis of the portfolio of information technology (IT) project, as initial good practice for the implementation of an IT governance culture. Universities have been specifically selected as the type of organization in the communities that have developed formal processes and good practices for the implementation of IT governance. In addition to the SLR, a review was carried out based on non-conventional literature from repositories of prestigious professional organizations and universities. It is concluded that the portfolio of IT projects is a good practice of IT governance and that there is an interest from the scientific community. From this analysis, it is clear that there are works in both the area of Computer Science and the Administration of Organizations.

Keywords: Information technology; IT governance; Portfolio of IT projects; Best practices; Universities

RESUMEN

Uno de los métodos de revision mas aceptados en la comunidad científica es la Systematic Literature Review (SLR). Un proceso de SLR permite determinar el interés de la comunidad científica en el tema objeto de la investigación preliminar, encontrar publicaciones existentes y establecer las areas del conocimiento con las que el tema a investigar se encuentra más relacionado, entre otros aspectos. Para nuestra investigación necesitamos determinar la trascendencia científica de la cartera de proyectos de tecnologías de la información (TI), como una buena práctica inicial para la implantación de una cultura de gobernanza de las TI. Se eligen las universidades en las cuales se han desarrollado procesos formales y de buenas prácticas de implantación de gobernanza de las TI. Adicionalmente al SLR, se realiza una revision sustentada en la literatura no convencional de repositorios de organizaciones profesionales de prestigio y de universidades. Se concluye que la cartera de proyectos de TI es una buena practica de la gobernanza de las TI y que existe interés en la comunidad científica. Del análisis se desprende que hay trabajos procedentes tanto del area de las Ciencias de la Computación como de la Administración de las Organizaciones.

Palabras clave: Tecnologías de la información; Gobernanza de TI; Cartera de proyectos de TI; Buenas practicas; Universidades

Introduction

Universities have adopted Information Technology (IT) within administrative and academic processes. The question at this time is whether its use is adequate, that is, if IT has been acquired under an analysis of needs, if studies have been carried out to observe its benefits and possible risks when implemented, and especially if they have generated institutional value. The question of whether the technologies are aligned with the objectives of the organization and whether they are prioritized by top university management are aspects that have almost never been analyzed. Specific indicators are needed to confirm that IT is being used properly. A culture of IT governance can answer these questions.

IT Governance and Portfolio of IT Projects

Incorporating properly the IT in the University will dynamize its processes and allow them to fulfill its mission (^{Gonzalez, Arango, Vasquez and Ospina, 2015}). If universities do not get IT to create value, they will lose competitive advantage. Universities carry out studies to assess this issue, such as the UniversiTIC reports (Analysis of IT in Spanish Universities) (^{Gomez, Jimenez, Gumbau and Llorens, 2016}), which evolved so that, in addition to being a catalog of available technologies in universities, they collect characteristics of IT governance models. As a complement to the detailed inventory of IT deployed in Spanish universities, good practices in IT management are analyzed, addressing the optimization of IT resources, portfolio of IT projects, IT services, IT management, quality, regulations and IT standards and collaboration (^{Fernandez, Llorens and Hontoria, 2015}). In a dynamic and unpredictable environment, organizations, and therefore universities, are threatened by major changes, especially technological ones (Sierra, 2012). The use of technology and the management of IT projects become a key aspect for them. To develop a strategic role in the business, the IT organization needs to move from being an order-taker to becoming a business partner integrated with the rest of the company's activities, thus ceasing to be a set of tangible and intangible elements to become the strategic ally of the organization.

One of the most difficult questions to answer is how an organization can implement a governance culture of IT in a practical way. Management teams are adopting principles of IT governance. According to ^{Delgado, Marcilla, Calvo-Manzano and Fernandez-Vicente (2012)}, "IT governance encompasses a set of good practices that facilitate new opportunities for improvement in organizations". One of the best practices that can be applied in relation to the acquisition principle is the implementation of a portfolio of IT projects (Fernandez, Hontoria and Llorens, 2014). The portfolio of technological projects is the concrete expression of the company's technological strategy. In what and how resources are spent tells us a lot about the strategic priorities of a company, no matter they are explicit or not. Organizations must use IT portfolio management techniques to ensure that programs (a set of related IT projects) are aligned with strategic objectives (ISACA, 2013). The need to govern IT is a consequence of two strategic factors: the needs of the business and the maturity of the company (^{Juiz and Toomey, 2015}). As shown in Toomey (2009), in addition to technology, we must consider people, processes and structure to understand the IT governance. According to ^{Laita and Belaissaoui (2017)}, the IT governance aims to ensure that IT expectations and achievements are aligned with organizational objectives and that the associated risks are under control. There must be a strategic alignment between the use of IT and the achievement of business goals, both from the public or private sectors. Governing IT today is not a choice, and the Strategic Portfolio of IT Projects is a good practice that can help us with its implementation.

Systematic Literature Review

It is important to determine what previous studies have been developed on the subject, what areas of knowledge are relevant to the subject under research, what is the scientific interest on the subject, what is the group of documents that give scientific support to the research and what is the proper process to search for related documents. Finally, after the selection of articles, one must have the capacity to answer questions such as: what topics are being addressed? What are the different theories or approaches? What do the different authors think? What work or research lines do they propose? What problems do they address? What solutions have they found? And what gaps remain to be filled or research to be made? The Systematic Literature Review (SLR) is an important contribution as a mechanism to collect, organize, evaluate and synthesize all the available evidence regarding a topic of interest, either to improve the current practice or to suggest new research directions. A systematic literature review aims to exhaustively identify all the relevant studies, to answer a question or several research questions, and assess the validity or solidity of each study, keeping this in mind when drawing conclusions (^{Ferreras, 2016}; ^{Sanchez-Meca, 2010}; ^{Brettle, 2003}). A systematic review is the selection of documents whose origin is the databases of scientific research, such as Scopus and Web of Science (WoS), among others. The individual studies that contribute to the SLR are called primary studies. In this paper, we will base on the group of SLR activities proposed by ^{Kitchenham, Mendes and Travassos (2007)}, which is the most used in Software Engineering and Information Systems (^{Chai, Liu and Ngai, 2013}).

Non-conventional literature

The results of a research are published in journals, conference proceedings, monographs, theses and reports. The type of publication is very diverse and the access to publications in many cases is not simple or public. ^{Ferreras (2016)} affirms that the Internet and the Web have managed to solve these problems under the new scheme of digital journals that have become popular due to their characteristics and versatility. But this new scenario also opens a new way of dissemination to other types of research literature, such as doctoral theses, that is fundamental in scientific research and, therefore, essential in its communication. For this reason, any type of content or publication on the web can be, in theory, open access and can be digitized and put online without economic barriers or permits for reuse. PhD theses are a fundamental element in the development of research and represent an important milestone in the academic career of those who perform this work. In addition, as the objective is to find out if there is research on good governance practices of IT in Universities, due to the nature of the topic we cannot ignore the sources from professional associations (^{Cesare, Luzi and Ruggieri, 2008}; ^{Sondergaard, Andersen and Hjorland, 2003}).

Methodology

According to ^{Genero, Cruz-Lemus and Piattini (2014)}, and ^{Kitchenham et al. (2007)}, the need for a SLR arises from carefully summarizing all the relevant information on a specific topic of interest. Based on Kitchenham et al. (2007), we structure our systematic review in three phases: plan, do and report (Table 1).

Table 1 Phases and activities of the SLR

Source: Authors

Plan the SLR

Planning is considered a relevant activity, since the correct development of the SLR will depend on the decisions taken in this activity. Table 1 shows the activities of this first phase. In our work, this planning applies not only to the search of scientific databases, but also to the search of non-conventional literature. Activity 2 consists in formulating the research questions. As stated by ^{Genero et al. (2014)}, the specification of research questions is the most important aspect of any systematic review, since the questions will direct the entire process. Subsequently, the definition of the protocol of the review is addressed (activity 3). According to ^{Kitchenham et al. (2007)}, a SLR protocol is a formal plan to carry out the systematic review, which should reduce the possibility of bias. In this activity, the search and data extraction strategy is created. The elements to consider are: justify the relevance of the need to carry out the review; include research questions previously defined; and establish the search strategy, defining the search string, period and sources (Genero et al., 2014).

^{Genero et al. (2014)} also state that it is advisable to define initial search strings and apply them in some source to detect in the titles or summaries if in fact they are contributing to the objectives of the SLR. Regarding the sources to search, they must include articles from journals indexed in scientific databases or international conferences, books indexed in scientific libraries and non-conventional literature (reports of prestigious associations, scientific reports of experts in the area, doctoral theses, master's theses, norms and standards of recognized organizations). In addition, it is convenient in turn to review the bibliography of the articles found. The inclusion and exclusion criteria of the primary studies will help to reduce the number of publications to analyze. Researchers should also define the aspects to be taken into account for the qualification of each article. As affirmed by Genero et al. (2014), since the protocol is a critical element for the realization of the SLR, it is advisable that it is validated by experts (activity 4). The experts can be those who validate the final report of the SLR.

Do the SLR

In this phase, we put into practice what was previously planned in the protocol and we obtain the final results that will answer the research questions. Table 1 shows the tasks that must be executed in this phase. The set of relevant research (activity 5) is found following the search strategy defined in the review protocol. In this activity, it is necessary to refine the search strings, include new sources or change the period. It is important to document the changes and record the results through reference management systems. In addition to the basic data (title, authors, year, etc.) it is necessary to save the summary. The selection process should locate the primary studies (activity 6) that show evidences related to the research questions.

After selecting the primary studies, they will undergo a quality evaluation process (activity 7), following a checklist defined in the review protocol. All articles that do not exceed the minimum threshold established to be considered adequate for the research must be excluded. Subsequently, a data extraction list must be made, as defined in the protocol. As a result, the data extraction forms will be obtained filled with the information corresponding to each primary study that has been selected (activity 8). Once all the publications considered relevant have been collected, they will be synthesized using the methods established in the review protocol, which will answer the questions asked. The synthesis is accompanied by tables and graphs to illustrate the results (activity 9).

Report the SLR

The activities of this phase are detailed in Table 1. According to ^{Kitchenham et al. (2007)}, to finalize the systematic review, a report must be written that reflects the entire review process (activity 10), considering the means of disclosure selected when defining the protocol. It is necessary to collect the information with the detail of documentary quality and relevance of results. Finally, reports of validity threats, limitations of the SLR and lessons learned can be attached, which compile the experiences of the SLR carried out and can serve as reference for future researchers. The more information about the study, the more transparency of the validity will have the SLR performed. Finally, the report should be sent to experts for validation (activity 11).

Selection criteria

Our research work requires evaluating the effect of the portfolio of IT project as an initial good practice for the implementation of IT governance in Universities. Asystematic review of the scientific and non-conventional literature is initially proposed in order to identify the relevant studies to the following question: In a university with an IT governance that is not explicit, is the portfolio of IT project an initial good practice for the proper implementation of an IT governance framework?

To formulate the research question (activity 2), it has been considered that the general problem to be solved is the lack of an adequate implementation of a specific IT governance framework in universities. The population in which evidence is collected belongs to universities with an IT governance that is not explicit. The intervention group is the portfolio of IT projects as a good practice that deals in a cross-cutting way with all the IT governance principles. The results should be related to the portfolio of IT projects, as a good practice for the adequate implementation of a specific IT Governance framework for the universities.

We addressed the definition of the review protocol (activity 3). Four terms are proposed as key words of the search: "IT Governance", "Project Portfolio", "Good Practices" and "Universities", with its different terminological variants and considering the search both in English and Spanish. The databases consulted are WoS, Scopus and Google Scholar. In addition, due to the particularity of the research topic, the study is complemented with non-conventional databases of universities and recognized international associations. The inclusion criteria for the search in scientific databases and repositories of non-conventional literature are shown in Table 2.

Table 2 Inclusion criteria for scientific databases and non-conventional literature

Source: Authors

To determine the relevance of each publication in relation to the specific research topic, the five evaluation criteria that appear in Table 3 are used. Each criterion is rated with a value between 0 and 2, where 0 indicates a minimum contribution of the selected publication to the criterion, 1 a medium contribution and 2 a high contribution. After evaluating all the selected primary studies (activity 7), we proceed to select publications with a high level of contribution (which have obtained between 9 and 10 points) and read them completely. With these publications, the state of the art of the research will be written (activity 10).

Table 3 Criteria to evaluate the relevance of publications

Source: Authors

Results

In this section, the final results obtained in the systematic review are presented. The set of publications is cleared out, eliminating the redundant documents. We found 242 primary publications. It is observed that 147 of those publications come from scientific databases and 95 from non-conventional databases. From the publications found in the scientific databases, the highest percentage (46,94%) come from Scopus, followed by 38,10 % from Google Scholar and 14,97 % from WoS. Regarding non-conventional literature, 33,68 % of the publications found come from repositories of universities and 66,32 % from prestigious professional associations and expert recommendations. Considering the total number of publications, it is observed that 60,74% come from scientific databases, which allows to guarantee the scientific quality of the works found in the review. However, the remainder of works that correspond to non-conventional publications is important, because it comes from recognized institutions in the academic and professional field and complements the research work. The publications are classified by area of knowledge. This analysis is only carried out in the publications coming from the scientific databases, since they contain this field. There are 38 documents belonging to Computer Science, 40 to Engineering, 28 to Business Administration, 7 to Economics and Finance, 3 to Decision Sciences and 31 to Information Technologies. Engineering, Computer Science and Information Technology are the most frequent fields. In the classification according to the year of publication, restricted to the period 2000-2017 defined in the protocol, 242 publications have been found. The growing interest of the scientific community in the topic of IT governance is evident in universities, specifically in relation to the portfolio of IT projects and its good practices: from only 3 publications in 2000, it has risen to 26, 32 and 23 in 2014, 2015 and 2016, respectively. The number of works found in 2017 is not comparable with those of the other years, since the search was done before the end of the period.

Regarding the language in which the papers are written, 173 out of 242 publications (71,49%) are in English and 69 (28,51 %) in Spanish. As expected, the number of publications found in the scientific databases and written in English is significantly higher than those in Spanish (130 versus 17). In those from associations, the number of publications per language is balanced (34 and 29), while in those from university repositories, there is a greater number in Spanish (23 compared to 9) due to the bias of origin of the authors of this work. Table 4 classifies documents by type. From the 242 selected papers, 143 are journal articles, followed by 36 articles from conferences and congresses. There is a considerable contribution of reports (22) and books (20). The scientific databases have contributed more articles indexed in journals (113), while non-conventional literature provides mostly books (17) and reports (22). The doctoral theses (13) and master's theses (5), important for the present research work, come exclusively from the institutional repositories.

Table 4 Results by type of document

Source: Authors

Final assessment

Each summary, title and keywords are read and the document is qualified (Table 5). Each publication had a rating of a maximum of 10 points, obtained according to the five evaluation criteria in Table 3. Finally, a contribution level has been assigned to each publication according to the points obtained: dismissible (0-3 points), low (4-6 points), medium (7-8 points) and high contribution (9-10 points). As final result, 51 publications are considered high contribution to answer the research question proposed at the beginning of the SLR. Looking more closely at the origin of the 51 high-contribution publications, we can see that 23 come from scientific databases, 8 from non-conventional literature in universities and 20 from prestigious associations. From the 23 high contribution publications from scientific databases, 12 were found in Scopus, 2 in WoS and 9 in Google Scholar. In the non-conventional literature, 8 belong to repositories of universities, 12 belong to professional associations and 8 are recommendations made by experts in the field. Thus, from the total of 242 publications selected at the beginning, the number of publications to be considered in the qualitative analysis of the research has been reduced to 21,07 %. The rest of the publications (191) will probably not be taken into account in the qualitative analysis during the writing of the state of the art, but they are identified and may be accessed at some point during the research.

Table 5 Contribution percentage of the publications

Source: Authors

Scientific and professional interest

For the final report, only selected publications with a high contribution are considered and the entire evaluation process is reported. The details of the selected publications from scientific databases (23 publications) are presented in Appendix 1. We have read completely the 51 selected publications.

To determine the scientific interest we proceeded to analyze the 147 primary studies from scientific databases. From these documents, 31 come from conferences and 113 from scientific journals (Table 4). We can see the conferences from which the selected works come from. The Hawaii International Conference on System Sciences (HICSS) has contributed 4 publications. The indexed journal in which more articles have been published on the subject of study is JISTEM (Journal of Information System and Technology Management) with 6 publications, followed by the Journal of Theoretical and Applied Information Technology with 5 publications.

Due to the nature of the research topic, framed within the IT governance, it is also convenient to analyze the professional interest. From the 63 publications found in the non-conventional professional literature (Table 4), 45 come from prestigious associations and 18 are direct recommendations made by experts. There are 9 associations that concentrate 38 of these publications. The Association with more selected documents is the Crue-TIC (ICT Sectoral Commission of the Conference of Rectors of Spanish Universities) with 13 publications. This concentration is due to the strong implication of the authors with this association. It is followed by other associations with fewer publications related to the portfolio of IT projects in universities but equally concerned with the subject: the ISACA (Information Systems Audit and Control Association), EUNIS (European University Information Systems) and ITGI (IT Governance Institute), among others. It must be borne in mind that the search for research works in associations has not followed a systematic method. It has been based fundamentally on the experience of the authors and on references provided by experts in the field.

Discussion of results

The ultimate goal of a systematic literature review is to carefully summarize all the relevant information about a specific topic of interest. It is important to extract from the selected publications the answer to various questions, so that it allows us to successfully address our future research. The first step for our research has been to look for answers on the IT governance and the portfolio of IT projects issues. In the review conducted, different approaches to how to use IT properly can be found. This new approach allows us to determine methods, good practices, standards, frameworks and procedures, which attempt to analyze how to use IT appropriately as service providers, and their relationship with users and customers. The IT governance can be seen as the set of mechanisms, structures, procedures and relationships defined by the senior management to evaluate, direct and monitor actions and the correct use and management of IT (^{Santos and Santos, 2017}). The key element in IT governance is the alignment of IT to the business and, thereby, generating business value. IT services are increasingly integrated into business operations. According to ^{Fernandez et al. (2015)}, the alignment of IT with the business allows to verify the impact of IT infrastructure and IT projects and services on the organization itself. We must move the focus of IT from cost efficiency to operational effectiveness and thus improve business processes. In relation to the project portfolio, numerous works have been found with different models (PMI, 2013). Some of them are even specifically designed for universities (^{Correa and Benavides, 2013}). The strategic priorities of a company are reflected on what and how resources are spent. The portfolio of IT projects is a powerful tool for IT governance. It requires close connections between principles, processes, people and performance. Next, how the different selected works address different aspects is presented, that is, basic approaches, research lines, problems detected and proposed solutions.

Basic approaches

With respect to the IT Governance, several authors describe related theories, models and procedures. ^{Reynolds and Yetton (2013)} propose a new model of IT governance that re-conceptualizes business and IT alignment, contributing with detailed explanations of how IT creates value at the corporate level and at the level of strategic business units. ^{Toomey (2009)} states that companies have evolved to demonstrate how IT (personnel and technology) helps them to meet their business objectives. IT governance must deal with IT demand and provision (^{Delgado et al., 2012}). Highly aligned organizations take advantage of more mature IT governance practices compared to poorly aligned organizations (ISACA, 2013; ^{Montaña, 2013}). Regarding the portfolio of IT projects, IT project management alone does not guarantee that the organization is spending its resources in the right areas and doing the right projects. A prioritized set of well-defined IT projects that can be successfully executed in the short term should be generated. In the portfolio of IT projects, it is fundamental in the business strategy that the combination of projects reflects the strategic priorities. Furthermore, ^{Jairak and Praneetpolgrang (2013)} propose the establishment of a procedure to prioritize the projects and involve IT and business managers from the beginning of the project. The portfolio of IT projects is successful if the steering committee assumes the responsibility of supervising large projects and managing the priorities, costs and allocation of IT resources. ^{Tu, Shaw and Subramanyam (2015)} believe that all the no financial impact would result in the financial value of the investment portfolio of IT projects in a company. In the case of universities, according to Fernandez et al. (2014), every university should have some economic and human resources, so that their IT is centralized and sufficient to achieve the objectives established by its own strategy. Fernandez et al. (2014) believe that IT planning should be obtained from the university global strategy and include a portfolio of IT projects that implement the proposed strategies. ^{Franco Reboreda (2017)} analyzes the current state of governance of IT in the Universities and Institutions of Higher Education in Mexico, where route maps can be drawn towards the consolidation of IT governance initiatives. ^{Ponce (2016)} affirms that the life cycle of the portfolio of IT projects must conclude with the evaluation of the success achieved by each project and the decision by the board of directors on its continuity, modification or cancellation.

Research lines

IT Governance brings together five research areas: strategic alignment, resource management, risk management, performance and value generation for the organization (^{Delgado et al., 2012}). Prediction models and decision support systems are new areas in IT governance research (^{Jairak and Praneetpolgrang, 2013}). ^{Laita and Belaissaoui (2017)} recommend to carry out studies on the contribution of IT governance to the provision of services in the public sector. Additionally, it is proposed for the public sector to research the threat posed by the decrease in IT budget and the lack of mechanisms for the adequate implementation of IT governance. The management of the portfolio of IT projects, the information economy, the strategic IT planning, the methodologies of project management, the return on investment based on well-being (ROI and ROIW), IT quality, prediction models, decision support systems and datamining are lines for research that can be explored and exploited. Current research on IT portfolio management is very limited, therefore, it presents great opportunities for researchers on information systems to advance in the knowledge of this good practice.

Detected problems

From the detailed reading of the selected articles, different obstacles are detected and related to both the governance and the portfolio of IT projects. One of these obstacles is to propose and implement in the organizations a new business model and IT alignment that provides results to explain how IT creates value (^{Rahimi, Moller and Hvam, 2016}). Another problem, according to Fernandez et al. (2014), is that there are obvious differences between IT management and IT governance and consequently their differences must be clearly established. It is necessary to find procedures that demonstrate that IT is not a commercial expense, but an investment with not only economic but also social benefits. According to ^{Jairak and Praneetpolgrang (2013)}, the companies from developing countries without an adequate industrial infrastructure are not at the same level as those from developed countries. The implementation of an IT governance culture requires not only good intentions but also IT investment, trend analysis and technological prospection, which makes it more feasible to implement an IT governance in developed countries. ^{Lima, Fernandes and Machado (2016)} state that there is still limited knowledge regarding the management of the portfolio of IT projects. Quantifying the benefits of a portfolio of IT projects can be difficult.

Stated solutions

^{Rahimi et al. (2016)} propose a new business and IT alignment model in organizations, providing results that explain how IT creates organizational value. Additionally, ^{Ghorfi, Oudau, Aboutajdineand Aroussi (2014)} determine a model that allows the people in charge of IT to have a decision tool regarding their future strategic choices. ^{Santos and Santos (2017)} affirm that the effectiveness of IT governance in public or private companies will be achieved if the results of decision-making and related processes for the management and control of IT operations reach IT objectives. The findings can be used to improve the current IT governance frameworks, enabling companies to focus on IT concerns with a strong impact on the performance of IT governance. Project management is the institutional memory of governance. ^{Simon, Fischbach and Schoder (2013)} establish closer relations between the business architecture and the management of the IT portfolio through their integration not only in the process but also in the strategy, the meta-model, the organization and the level of the software tool. With regard to the selection process of IT projects, several solutions are proposed. ^{Zhijie (2012)} suggests that IT governance plays an important role in the selection of IT projects and the prioritization of the portfolio. Regarding solutions found in universities, ^{Fernandez et al. (2015)} state that one of the best practices that can be applied in relation to the acquisition principle is the implementation of a portfolio of IT projects. An IT investment portfolio should be designed based on a prioritized set of well-defined IT projects, that is, a portfolio of IT projects must be executed. One of the bases of good IT governance consists in developing a portfolio of projects aligned with the objectives of the University (Fernandez, Gumbau and Llorens, 2012; Fernandez et al., 2014; ^{Gomez et al., 2016}; Fernandez et al., 2015).

Conclusions

A systematic review of the literature has been applied, both in scientific databases and in university repositories and professional associations, to initiate the research that leads us to answer the question of whether the portfolio of IT projects can bean initial good practice for the implementation of an IT governance framework in a university with a non-explicit one. Throughout this document the methodology followed has been explained. The figure of Appendix 2 summarizes the process followed. We can consider it as a sequential filtering that leads us to select, from all the existing documentation on the Internet, a small number of works related to the subject that allow us to determine the research situation in that area. The first filter applied is related to the sources in which the information has been sought: the scientific databases (Scopus and WoS), non-conventional sources (Google Scholar), professional associations and institutional repositories of universities. Once the sources have been determined, the search has been carried out. For scientific and non-conventional databases, a second filter has been applied, consisting in searching the terms (IT governance, portfolio of IT projects, good practices and universities) and the inclusion criteria. We have obtained 242 primary publications (^{Valverde-Alulema, 2019}), which have been evaluated and labeled as high contribution for research (51), medium, (70), low (46) and dismissible (75). For the final selection of the works for writing the state of the art, a last filter has been applied, keeping only the 51 high-contribution publications.

According to the analysis of the selected final documents, the portfolio of IT projects is a good practice for IT governance and there are researches on this regard. In the period taken for the search (from 2000 to 2017), an increasing trend in the number of publications has been found. The scientific community has a real and progressive interest in the line of research of the IT Governance in general, and in particular in the Universities, where there is still a long path for research. The portfolio of IT projects is a very useful practice and has been implemented in many institutions. The greatest number of publications are from the technological areas, although there is also an interest in the business areas. This leads us to propose that a multidisciplinary research must be carried out to coordinate research from the technological and business areas. This would benefit the alignment of IT with the strategy of organizations for better Corporate Governance.

At a general level, the creation of a research line related to the IT Governance is of great relevance and its insertion within university postgraduate and research plans is justified. For the purpose of the present investigation, the study of good practices that give strength to IT governance is also justified. The portfolio of IT projects is a proven practice and could be an initial good practice, prior to the adoption of a culture of IT governance, in organizations. Specifically in the universities, some initiatives have been developed through the application of good practices, as a result of the contribution of the scientific community and prestigious international associations that have been working on issues related to the IT Governance. In this way, the review of the literature will help us answer the research question proposed at the beginning and justify the future work of implementing a Strategic Portfolio of IT Projects specific to universities, with analysis of characteristics and established standards. This demonstrates that it is the first step to implement and ensure a good start in the adoption of a specific IT governance framework for Universities, which is the purpose and future objective of our research.

References

Brettle, A. (2003). Information skills training: a systematic review of the literature. Health Information and Libraries Journal, 20(s1), 3-9. DOI: 10.1046/j.1365-2532.20.s1.3.x [ Links ]

Cesare, R., Luzi, D. and Ruggieri, R. (2008). The impact of Grey Literature in the web environment: A citation analysis using Google Scholar. The Grey Journal, 4(2), 83-96. [ Links ]

Chai, J., Liu, J. and Ngai, E. (2013). Application of decision-making techniques in supplier selection: A systematic review of literature, Expert Systems with Applications, 40(10), pp. 3872-3885. DOI: 10.1016/j.eswa.2012.12.040 [ Links ]

Correa, J. A., and Benavides, J. T. N. (2013). como Impacta la implementacion de una cartera de Proyectos en el Gobierno de las TI de una Institucion de Educacion Superior? (Master's thesis, Universidad ICESI). [ Links ]

Delgado, M. de la C., Marcilla, F. J. S., Calvo-Manzano, J. A., and Fernandez-Vicente, E. (2012). Project Management and IT Governance Integrating PRINCE2 and ISO 38500. Paper presented at the 7th Iberian Conference on Information Systems and Technologies (CISTI 2012), Madrid, Spain, IEEE. Retrieved from: https://ieeexplore.ieee.org/stamp/st amp.jsp?tp=&arnumber=6263172 [ Links ]

Fernández, A., Gumbau, J. P., and Llorens, F. (2012). Pilot Project for Implementing Corporate Governance of IT. Paper presented at the Conferencia de Rectores de Las Universidades Españolas (CRUE), 11, Madrid, Spain. [ Links ]

Fernández Martinez, A., Hontoria Hernandez, E., and Llorens Largo, F. (2014). ¿Como gobiernan sus Tecnologías de la Información las universidades españolas?. In Cuarta Conferencia de Directores de Tecnología de Informacion, TICAL. Cancún, México. (pp. 425-442). [ Links ]

Fernández, A., Llorens, F., and Hontoria, E. (2015). UNIVERSITIC: IT Survey in Spanish and Latin American Universities. EUNIS Research and Analysis Initiative - ERAI. European University Information Systems (EUNIS). Retrieved from: http://www.eunis.org/wp-content/uploads/201 5/06/UNI VERSITIC-ERAI-full.pdf [ Links ]

Ferreras, M. F. (2016). Visibilidad e impacto de la literatura gris científica en repositorios institucionales de acceso abierto. Estudio de caso bibliometrico del repositorio Gredos de la Universidad de Salamanca (Ph.D. thesis, Universidad de Salamanca). Retrieved from: https://knowledgesociety.usa l.es/sites/default/files/tesis/GRIA_Ferreras-Fernandez_Tesis.pdf [ Links ]

Franco Reboreda, C. A. (2017). El gobierno de las Tecnologías de Informacion y Comunicacion en las Instituciones Publicas de Educacion superior en Mexico (Ph.D. thesis, Universidad Politécnica de Cataluña). Retrieved from: https://upcommons.upc.edu/bitstream/handle/2117/1127 81/TCAFR1de1.pdf?sequence=1&isAllowed=y [ Links ]

Genero, M., Cruz-Lemus, J. A., and Piattini, M. (2014). Métodos de Investigación en Ingeniería del Software. Madrid: RA-MA Editorial. [ Links ]

Ghorfi, R. El, Ouadou, M., Aboutajdine, D., and Aroussi, M. El. (2014). A Modeling Approach for IT Governance Basics Application on IT Projects and IT Goals. Paper presented at the Second International Conference on Artificial Intelligence, Modelling and Simulation, Madrid, Spain, IEEE. DOI: 10.1109/AIMS.2014.29 [ Links ]

González, L., Arango, S., Vásquez, C., and Ospina, J. (2015). Field research in information and communication technologies: governance strategy at Universidad de Medellin. Ingeniare - Revista chilena de ingeniería, 23(2), 301-311. Retrieved from: https://www.ingeniare.cl/index.php?option=com_ingeniare&view=d&doc=83/art15.pdf&aid=428&vid=8 3&lang=en [ Links ]

Gómez, J., Jiménez, T., Gumbau, J., and Llorens, F. (2016). UNIVERSITIC 2016: Analisis de las TIC en las Universidades Españolas. Madrid: Conferencia de Rectores de Las Universidades Españolas (CRUE). Retrieved from: https://www.crue.org/Documentos%20compartidos/Publicacio nes/Universitic/UNIVERSITIC%202016_versi%C3%B3n%20digital.pdf [ Links ]

ISACA (Information Systems Audit and Control). (2013). COBIT V5: Enabling Processes (5th ed.). Madrid: ISACA. [ Links ]

Jairak, K., and Praneetpolgrang, P. (2013). Applying IT governance balanced scorecard and importance-performance analysis for providing IT governance strategy in university. Information Management and Computer Security, 21(4), 228-249. DOI: 10.1108/IMCS-08-2012-0036 [ Links ]

Juiz, C. and Toomey, M. (2015). To Govern IT, or Not to Govern IT. Magazine of Communications of the ACM. 58(2), 58-64. DOI: 10.1145/2656385 [ Links ]

Kitchenham, B., Mendes, E. and Travassos, G. (2007). Cross Versus Within-Company Cost Estimation Studies: A Systematic Review. IEEE Transactions on Software Engineering. 33(5), 316-329. DOI: 10.1109/TSE.2007.1001 [ Links ]

Laita, A., and Belaissaoui, M. (2017). Information Technology Governance in Public Sector Organizations. In: Rocha A., Serrhini M., Felgueiras C. (eds) Europe and MENA Cooperation Advances in Information and Communication Technologies. New York: Springer International Publishing. DOI: 10.1007/978-3-319-46568-5 [ Links ]

Lima, A., Fernandes, G., and Machado, R. J. (2016). Project and Program Management Implications in the Portfolio Management of IT Projects in Applied R and D órganizations. Paper presented at the International Conference on the Quality of Information and Communications Technology Project, Lisbon, Portugal, IEEE. DOI: 10.1109/QUATIC.2016.056 [ Links ]

Montaña, A. (2013). Propuesta para la implementación de un esquema de gobierno de Tecnologías de la Información (TI) en ambientes tercerizados (outsourcing) Caso de estudio: Universidad Nacional de Colombia (Master's thesis, Universidad Nacional de Colombia). [ Links ]

PMI. (2013). PMBÓK-A Guide to the Project Management Body of Knowledge (P. Book, Ed.) (5th ed.). Pensilvania: PMI. [ Links ]

Ponce, J. L. (coord.) (2016). Estado actual de las tecnologías de la informacion y las comunicaciones en las instituciones de educacion superior en México: estudio ejecutivo 2016. México, D.F.: ANUIES [ Links ]

Rahimi, F., Moller, C., and Hvam, L. (2016). Business process management and IT management: The missing integration. International Journal of Information Management, 36(1), 142-154. DOI: 10.1016/j.ijinfomgt.2015.10.004 [ Links ]

Reynolds, P., and Yetton, P. (2013). Aligning Business and IT Strategies in Multi-Business Organizations. Paper presented at the Thirty Fourth International Conference on Information Systems, Milán, Association for Information Systems. [ Links ]

Sanchez-Meca, J. (2010). Como realizar una revision sistemática y un meta-análisis. Aula Abierta, 38(2), 53-62. Retrieved from: https://www.um.es/metaanalysis/pdf/5030.pdf [ Links ]

Santos, L. C., and Santos, C. D. (2017). A study on the impact of non-operational mechanisms on the effectiveness of public IT governance. Revista de Administracão, 52(3), 256-267. DOI: 10.1016/j.rausp.2017.05.005 [ Links ]

Simon, D., Fischbach, K., and Schoder, D. (2013). Integrating IT Portfolio Management with Enterprise Architecture Management. Enterprise Modelling and Information Systems Architectures, 8(2), 79-104. DOI: 10.18417/emisa.8.2.4 [ Links ]

Sondergaard, T. F., Andersen, J., and Hjorland, B. (2003). Documents and the communication of scientific and scholarly information. Journal of Documentation, 59 (3), 278-320. DOI: 10.1108/00220410310472509 [ Links ]

Toomey, M. (2009). Waltzingwith the elephant: a comprehensive guide to directingand controllinginformation technology. Melbourne: Infonomics Pty Ltd. [ Links ]

Tu, T. Y., Shaw, M. J., and Subramanyam, R. (2015). IT Governance and Portfolio Management: An Exploration of the Superior IT Project Investment Portfolios. Paper presented at the Pacific Asia Conference on Information Systems. Retrieved from: https://aisel.aisnet.org/pacis2015/70 [ Links ]

Valverde-Alulema, F. (2019). La Cartera de Proyectos de TI como buena practica para la Gobernanza de las TI en las universidades (Ph.D. thesis, Universidad de Alicante). [ Links ]

Zhijie, X. (2012). A Method of IT Investment Portfolio Optimization in the Government Sector Integrated with IT Governance. Paper presented at the Second International Conference on Business Computing and Global Informatization, Shangai, IEEE. DOI: 10.1109/BCGIN.2012.9 [ Links ]

How to cite: Valverde-Alulema, F. and Llorens-Largo, F. (2019). Strategic portfolio of IT projects at universities: A systematic and non-conventional literature review. Ingeniería e Investigación, 39(2), 46-57. DOI: 10.15446/ing.investig.v39n2.72431

Appendix 1. Detail of the 23 studies from scientific databases selected for the review

Source: Authors

Appendix 2. Summary of the systematic review of the scientific and non-conventional literature

Source: Authors

Received: May 26, 2018; Accepted: July 29, 2019

Attribution 4.0 International (CC BY 4.0) Share - Adapt

This is an open-access article distributed under the terms of the Creative Commons Attribution License

Services on Demand

Journal

Article

Indicators

Related links

Share

Ingeniería e Investigación

Print version ISSN 0120-5609

Ing. Investig. vol.39 no.2 Bogotá May/Aug. 2019

https://doi.org/10.15446/ing.investig.v39n2.72431