Indicators for Green in IT Audits: A Systematic Mapping Study J. David Patón-Romero, Mario Piattini Alarcos Research Group, Institute of Technologies and Information Systems University of Castilla-La Mancha (UCLM) Ciudad Real, Spain {JDavid.Paton, Mario.Piattini}@uclm.es Abstract—In recent years the world has been experiencing a an impact on the environment, due to energy consumption and series of environmental changes that have led to the emergence of emissions from the IT elements themselves (i.e., IT as a a strong conviction in society to do with the need to protect the producer). Often “Green IT” is used as a term to refer to the environment. Information Technologies (IT), especially software combination of Green by IT and Green in IT. technologies, can contribute to environmental sustainability in two ways: “Green by IT”, in the sense that IT can provide tools to The focus of this study lies within the field of Green in IT, perform tasks in a way that is suitable for the environment, and specifically in the identifying of standards or frameworks to “Green in IT”, when ITs themselves have an impact on the control the correct implementation and/or operation of Green in environment, due to their energy consumption. However, the IT, and especially as regards its auditing. techniques of Green in IT are relatively young, and there is no standard or framework to control their correct implementation Within Green in IT, the reduction of energy consumption has and/or operation. The objective of this systematic mapping study been addressed in different projects in cloud computing, in is therefore to collect the current knowledge about Green in IT hardware, in data centers, etc., but not in its audits [2]. audits, in order to determine what are the most important From the point of view of the audit, there already exists an characteristics in the development of an audit framework for IT framework for auditors, developed by ISACA (Information Green in IT and especially the indicators used for this auditing. Systems Audit and Control Association), called COBIT 5 The results obtained demonstrate the novelty of this area, as well (Control Objectives for Information and related Technology) as the almost complete absence of studies related to the topic. All of this points to the need to develop a framework for Green in IT [12], which has its origin in the control and auditing of IT. auditing. COBIT 5 has a series of guides and professional frameworks for the governance and management of different areas of IT (as Keywords—Audit; Green in IT; Systematic mapping study shown in Fig. 1). I. INTRODUCTION While it is true that this framework provides a fairly broad We have witnessed vertiginous changes, far beyond those overview of everything related to IT, and there are versions brought about by the climate change which the planet has been adapted to specific areas such as security, COBIT does not yet suffering in the last 30 years. These new features have made have any version or any control mechanism related to Green IT society, and in particular organizations, reconsider many aspects or to sustainability. There is even less provision as regards Green of the efficiency, effectiveness and consumption of their in IT. activities, in order to reduce the impact these have on the environment. When it comes to increasing sustainability, the impact of technology is important from two different points of view [3]. On the one hand, technology helps organizations to address environmental issues (virtual meetings, dematerialization of activities, improvements in logistics, intelligent transport systems, smart grids, etc.); on the other hand, technology is itself responsible for significant environmental degradation (e.g., the amount of energy consumed by engineering processes used to manufacture technology products). Fig. 1. COBIT 5 product family. In this sense, Erdélyi [4] emphasizes that Information Technologies (hereafter “IT”) can contribute to environmental We thus believe that a systematic mapping study that gives sustainability in two ways: “Green by IT”, in the sense that IT the latest knowledge about this research area could be very can provide tools to carry out tasks in a way that is suitable for useful, in order to establish the pillars for developing techniques the environment (i.e., IT as an enabler in the direction Unhelkar and/or frameworks of Green in IT audits. [11]) pointed us in, and “Green in IT” when ITs themselves have The rest of this study is organized as follows: in Section II 2) Search Strategy the research protocol carried out to perform the systematic To carry out the automated search for information, the mapping study is described. Section III contains the results of Scopus database will be used, in which a search string divided the mapping study. In Section IV the main observations of the into two parts, representing, on one hand, the field of the audit, results, as well as the limitations and implications of this field and, on the other hand, the Green in IT, will be introduced. In are discussed. And finally, in Section V, the conclusions and the Table II this search string is shown, in which the Boolean OR future work to be done in the field of Green in IT audits are has been used to link the terms and synonyms for each part, and presented. the Boolean AND to join the two parts to each other. II. RESEARCH PROTOCOL TABLE II. SEARCH STRING A systematic mapping study is a method for collecting and categorizing the existing information about a research topic. Concept Alternative Terms & Synonyms This systematic mapping has been carried out following the (Audit* OR “Best practices” OR Control* OR Govern* OR Audit lines/guidelines provided in work such as that of Genero et al. Manag* OR Assess* OR Evaluat* OR Measur*) [7], Budgen et al. [1], Petersen et al. [10], and Kitchenham [8]. (“Green IT” OR “Green ICT” OR “Green in IT” OR “Green Green in IT The systematic mapping study has been conducted in three hardware” OR “Green software” OR Greenability) stages: planning, executing and documentation. Activities * The asterisk symbol signifies that any character or characters may be included in the word in relating to the first two stages are described in the following question, in order to get word permutations (e.g., the search term “Audit *” includes the following words: Audit OR Auditing OR Audits OR...). subsections, and documentation stage corresponds to Section III. The search will be performed by applying the search string to the title, abstract and keywords of each article. A. Planning Stage We should highlight that only any information that has been At this stage, the following activities have been carried out: published in the last decade (from 2005 to 2015, inclusive) will 1. Establish the research questions. be considered. This is because the idea of Green in IT is 2. Define the search strategy. relatively young; development and progress in this field has begun to take place only over the last decade. Moreover, in a 3. Establish the selection criteria of the primary studies. field like Green in IT, which is in constant growth and renewal, 4. Establish the quality assessment criteria. choosing a longer period of time may be a disadvantage, since 5. Define the data extraction strategy. outdated information would be found in this context. Moreover, the time period used has been validated during the execution of 6. Select the synthesis methods. the systematic mapping study, by observing that almost all the 1) Research Questions publications in the area are located in those years. The main objective of this study to examine the current state 3) Selection Criteria of Primary Studies of Green in IT audits. To do this, the research questions that can The information collected in the automated search will be be seen in Table I have been set. evaluated, considering the title, abstract and keywords of each TABLE I. RESEARCH QUESTIONS article, in order to determine whether that article is to be included or not. To do this, on the one hand, those articles that meet at Research Questions Motivation least one of the following inclusion criteria will be included: Determine the number of current RQ1. What studies exist on publications and the trend over recent  I1: articles in English referring to Green in IT audits. Green in IT audits? years in relation to Green in IT audits.  I2: complete articles published between 2005 and 2015 Determine what methodologies and/or RQ2. What methodologies or techniques are used by auditors to in journals, conferences or workshops, with peer review. techniques are used to audit the assess the Green in IT, and what the Green in IT? audit reports that they perform are like. On the other hand, articles that meet one of the following exclusion criteria will not be taken into account: RQ3. What areas are preferably Determine what areas are usually the audited in Green in IT? most important in Green in IT audits.  E1: types of articles of discussion or opinion, or those RQ4. What indicators are used Determine what indicators are typically available only as abstracts or presentations. in the measurements of Green used by auditors when assessing Green in IT audits? in IT.  E2: duplicate works (always considering the most complete and recent article). RQ5. What are the roles related Determine what roles are involved in a to Green in IT audits? Green in IT audit.  E3: works related to the Green by IT. RQ6. What are the processes Determine what processes are involved related with Green in IT audits? in a Green in IT audit.  E4: works whose main contribution is not related to Green in IT, or where Green in IT is considered By means of these questions, the existing information about superficially. Green in IT audit may be collected and categorized. The aim is to know the state of the art in the area and identify existing gaps, The references of each of the articles to be included will be so as to be able to propose new research areas. evaluated, i.e., the snowball effect will be taken into account. 4) Quality Assessment Criteria extraction for all the selected studies is ensured, facilitating their To measure the quality of the studies selected, a classification. The research questions and their possible answers questionnaire with a scoring system of three values (-1, 0, +1) can be seen in Table III. has been developed. The questionnaire is composed of the TABLE III. CLASSIFICATION SCHEMA following issues to consider: Research Questions Answers a. The study presents a detailed description of the characteristics and the application of Green in IT audits. a. Systematic mapping/literature review RQ1. What studies exist The possible answers are: “Yes (+1)”, “Partially (0)”, and on Green in IT audits? b. Case study d. Proposal c. Survey e. Others “No (-1)”. RQ2. What methodologies a. COBIT b. ISO c. ITIL b. The study contains detailed guidelines about how to or techniques are used to d. Risk oriented approach perform Green in IT audits. audit the Green in IT? e. Others f. N/A The possible answers are: “Yes (+1)”, “Partially (0)”, and RQ3. What areas are a. IT Infrastructure “No (-1)”. preferably audited in Green b. Software Applications in IT? c. IT Management e. Others c. The study validates the idea of Green in IT audit, which d. IT Governance f. N/A it defends. a. Power (W) b. Efficiency (%, DCIE) The possible answers are: “Empirically validated using a RQ4. What indicators are c. Effectiveness (PUE) used in the measurements case study, survey or experiment (+1)”, “Applied at least of Green in IT audits? d. Productivity (MFLOPS/W, through a “proof of concept” (0)”, and “Proposal not FLOPS/J…) e. N/A verified (-1)”. a. Boards of directors b. Chief Executive Officer (CEO) d. The study shows clearly and in detail the results obtained c. Chief Financial Officer (CFO) after applying the idea of Green in IT audit, which it d. Business owners defends. RQ5. What are the roles e. Sustainability Steering Committee (SSC) The possible answers are: “Yes (+1)”, “Partially (0)” and related to Green in IT f. Chief Human Resources Officer (CHRO) “No/ not at all (-1)”. audits? g. Chief Information Officer (CIO) Note that the score for the studies that have not carried h. Chief Technology Officer (CTO) i. Chief Sustainability Officer (CSO) out the application of the idea (i.e. that are only a j. Stakeholders proposal) will be considered as “Partially (0)”, so that k. Green internal/external auditor they are not penalized. l. N/A e. The study has been published in an important journal, a. Evaluate, Direct and Monitor (EDM) b. Align, Plan and Organize (APO) conference or congress. RQ6. What are the c. Build, Acquire and Implement (BAI) The possible answers are: “Very relevant (+1)”, processes related with d. Deliver, Service and Support (DSS) “Relevant (0)”, and “Not very relevant or not relevant at Green in IT audits? e. Monitor, Evaluate and Assess (MEA) all (-1)”. f. N/A This question will be evaluated considering the order of relevance, following the JCR index of the publications. 6) Synthesis Methods Firstly, a quantitative synthesis of the data will be performed, f. The study has been cited by other authors. based on: The possible answers are: “Yes (+1)” if the study has been cited by more than five authors, “Partially (0)” if the  Establishment and representation, through tables and/or study has been cited by between one and five authors, and graphics, the number and/or percentage of selected “No (-1)” if the study has not been cited. studies, classified according to their possible responses This question will be evaluated considering the citation in each of the research questions and year of publication. index of Google Scholar. Note that the score for the studies recently published (2015) will be considered as  Definition of bubble diagrams to show the frequency “Partially (0)”, so that these are not penalized. with which the possible responses to each of the research questions are related. The sum of the score for each question makes up the final quality score about the study in question (obtaining a value And, secondly, a qualitative synthesis of the data will be between -6 and +6). These scores will not be used to exclude a carried out, based on: specific study from the systematic mapping study if it gets a bad  Representation through tables and/or graphs of the grade, but they will be used to find the most representative and studies selected, classified according to the results of relevant studies, i.e., those which have more weight in future quality assessments conducted. research. 7) Calendar of the Systematic Mapping Study 5) Data Extraction Strategy The systematic mapping study was started in January 2016, The data extraction strategy is based on a series of possible and was completed in April 2016. answers for each of the research questions defined. Thanks to this strategy, the application of the same criteria of data B. Executing Stage 3. Studies of Green in IT related to some other aspect of The executing stage, in which the review protocol audit: this group was formed by the rest of the studies. established in the previous stage has been implemented, has They deal with various issues of Green IT, from which been guided by three main phases: we can see important characteristics about this area; we may draw out features that help to answer the research 1. In the first phase, after applying the search string of the questions. Table II over the Scopus database, a total of 627 documents was obtained. As a result of this, and after On the one hand, in Appendix A all references to the selected applying the selection criteria on the abstract of each, a primary studies are found. And, on the other hand, in Appendix total of 55 potential studies was obtained. B the results concerning the responses of each of the questions in relation to each of the selected primary studies are collected. 2. During the second phase, the selection criteria were applied to the 55 potential studies, but, in this case, to A. RQ1. Studies about Green in IT audits the entire study on each occasion. After this filter, a total Around 40% of the studies selected are systematic mapping of 13 primary studies was obtained. studies or literature reviews, or have carried out such a study, the latter type aiming to give the reader a basis on which to follow 3. Finally, in the last phase, a quality assessment of each the rest of the study ([S06], [S09], and [S10]). Two papers have of these primary studies was carried out, along with a carried out a review simply to show the state of the art of the characterization of the studies, placing each into one of field in question ([S08] and [S11]). three groups (as is explained in Section III). We can also highlight that about 40% of the studies are III. RESULTS proposals ([S03], [S04], [S09], [S10], and [S13]) with which the In this section, the results obtained in each of the research authors try to establish some guidelines. These guidelines are, questions are shown, as well as the general results of the for example, on how to assess the maturity of Green in IT in an systematic mapping study. organization [S03], or about a contingency model for the government of Green in IT [S09]. First of all, however, it is important to note a limitation or snag encountered during the evaluation of the primary studies Moreover, 23% of the studies include some kind of survey selected. ([S02], [S03], and [S06]), to validate their idea [S03] or to display the current status of the field in the organizations studied The low number of primary studies found gave a glimpse of [S02]. how little progress there had been in the area of Green in IT audits. In fact, of these studies only two ([S01] and [S02]) are Finally, only 15% of the studies ([S09] and [S10]) validate actually about Green in IT audits. This meant that in order to their idea through a case study. answer the research questions and give validity to the mapping study, we considered it was a good idea to take into account the other eleven studies included in the primary studies selected. These facts led us to believe it advisable to categorize the 13 primary studies, placing them in three groups to improve understanding: 1. Studies closely related to Green in IT audits: this group contains studies [S01] and [S02]; of these, the [S01] is about an analysis of the state of the art of Green IT, and stresses the importance of carrying out audits in this field; and the [S02] shows the results of a survey conducted on internal auditors from different organizations as regards their experiences and opinions about Green IT. Fig. 2. Results concerning question RQ1 about studies about Green in IT audits. 2. Studies with auditing techniques of Green in IT: in this group, studies [S03] and [S04] are found. B. RQ2. Methodologies and techniques in Green in IT audits Study [S03] is about a model for measuring and managing the level of maturity of Green IT in an Only 40% of the studies take into account a particular organization. methodology or technique for managing/controlling some For its part, [S04] offers a series of initiatives for aspect of Green in IT. Of these, the majority (80%) emphasize assessing Green IT, from the perspective of the balanced the importance of applying the existing ISO (International scorecard. In both of these studies, the areas, the Organization for Standardization) standards within Green in IT indicators and the other characteristics discussed bear a ([S01], [S05], [S06], and [S13]), especially the set of ISO 14000 resemblance to, and a close relationship with, audit [13]. topics. Furthermore, study [S02] offers a risk-oriented effectiveness as one of the main and important indicators of methodology, while study [S06], in addition to highlighting the Green in IT. ISO standards, focuses on demonstrating the importance of the ITIL (Information Technology Infrastructure Library) as a guide Productivity, for its part, is cited only by study [S11]. for managing Green in IT. Fig. 5. Results concerning question RQ4 about indicators in the measurements in Green in IT audits. Fig. 3. Results concerning question RQ2 about methodologies and tehniques in Green in IT audits. E. RQ5. Roles involved in Green in IT audits C. RQ3. Audited areas in Green in IT Regarding the roles, the most outstanding ones are those of Regarding which areas are the main ones within Green in IT CIO and CTO, who are the main individuals responsible for and therefore which are those that should be audited, practically Green in IT in the organizations; this assertion has the support all the studies (85%) agree that the two most important areas are of 54% of the studies. the IT infrastructure and software applications, because they Next in importance, 38% of the studies also highlight the contain the bulk of the good practices of Green in IT. significance of the CEO and the director/ person responsible for IT governance is also an important area on which more than sustainability (CSO, a role which few companies have, as has half of the studies (54%) place special emphasis, especially in been observed) within Green in IT. the field of aligning both corporate governance and IT with the The board of directors and the CFO are in other roles to be Green in IT. considered, according to 23% of the studies, especially on issues Finally, IT management, although mentioned least, at 38%, of financial management and business alignment. is also characterized as a relevant and necessary area for the Also relevant is the sustainability steering committee (SSC); control of Green in IT. although practically absent in the majority of organizations, 15% of the studies highlight how important it is for a committee of such characteristics to exist in this field. Finally, study [S02] also emphasizes the role of the auditors, especially the internal auditors, in the field that concerns us. Note that this is the only study that gives a purely practical vision of the audit. Fig. 4. Results concerning question RQ3 about audited areas in Green in IT. D. RQ4. Indicators in the measurements in Green in IT audits The 69% of studies support the assertion that the main indicator in the measurement of Green IT is power, i.e., the consumption in watts (W) of the IT. Other studies, such as [S04], [S11], and [S13], also defend Fig. 6. Results concerning question RQ5 about roles involved in Green in IT the efficiency of IT as being a primary indicator. On the other audits. hand, studies [S04] and [S13] also point to the role of F. RQ6. Processes involved in Green in IT audits  Green in IT translates mainly into a reduction of the The most important processes in Green in IT, according to consumption in watts (W) of the IT, so power is the main 85% of the studies, and which therefore must necessarily be indicator to consider. controlled through audits, are those related to building, acquiring  The CIO and the CTO are the main individuals chiefly and implementing (BAI) techniques and/or good practices of responsible for Green in IT in organizations. Green in IT.  The processes related to building, acquiring and It is also very important to audit those processes that are implementing (BAI) techniques and/or good practices of related to Green in IT management, such as the ones related to Green in IT are the most important ones, in which the EDM and MEA; this is corroborated by 77% of the studies. Any greatest number of activities take place (followed closely failure in these processes that are responsible for monitoring, by the processes of EDM and MEA). assessing, evaluating, etc. may cause the malfunction of the Green in IT practices that have already been implemented; it is Furthermore, due to the small number of studies found and therefore vital to control those processes. because of the problems that we have had in answering the research questions (since they had a not-very-close relationship No less important are processes related to aligning, planning to the subject), it makes no sense to produce the charts that are and organizing (APO); their relevance is supported by 69% of characteristic of this type of mapping studies, such as bubble the studies. These processes, related in particular to governance, diagrams. They would not generate any relevant information. are extremely important to monitor, because if the head of an organization is not aligned with and committed to Green in IT, Nevertheless, we considered that questions RQ4, related to it is difficult for this idea and the good practices implemented to the indicators in the measurements of Green in IT audits, and manage to settle successfully within that organization. RQ6, related to the processes involved in Green in IT audits, are important to highlight. Finally, the processes related to delivery, service and support (DSS), i.e., the processes which are related most to the On the one hand, in the results of the question RQ4, we can customers, are named only in studies [S04] and [S13] as being observe that the most important indicator to measure the important within Green in IT. different practices and/or techniques of Green in IT, is the power, i.e., the energy consumption of the different IT systems related to the Green in IT. For this reason, in Green in IT audits (and in daily operations of Green in IT) is vital to take into account this indicator in the different assessments and measurements. In Fig. 5, the importance of the power over others indicators can be observed graphically. On the other hand, the responses to the question RQ6 are directly related to the processes of the COBIT audit framework, which can serve as a basis for the development of a framework for Green in IT auditing. This means that there is greater interest in knowing what the most important processes in the topic in question are. Thus, in Fig. 7, the results of this question can be observed graphically, where the relevance that especially the BAI, EDM, and MEA processes have can be observed. Fig. 7. Results concerning question RQ6 about processes involved in Green in IT audits. IV. DISCUSSION G. Mapping Results A. Principal Findings After analyzing each of the questions, we can determine as The objective of this systematic mapping study is to know general mapping study results: the current status of the field of Green in IT audits, in order to determine the most important characteristics for developing an  Most of the current studies are proposals and/or general audit framework for Green in IT. After analyzing the results, the mapping studies or literature reviews about Green IT; a following observations can be deduced: few include Green in IT. This establishes and demonstrates the novelty of the field in question.  There is practically no research related to Green in IT audits. The small number of existing studies shows that  The ISO standards (especially the 14000 series [13]) it is a new field and that it is vital to develop it (as have to be taken into account when carrying out the highlighted in [S01]). adoption or implementation of Green in IT in the organizations.  Green IT is growing in importance. Most studies highlight the significance of this field; interest in it is  IT infrastructure and software applications are the main increasing every day, and the relevance that it is taking areas in which the good practices and/or techniques of on in society means that this area is becoming as Green in IT are carried out. indispensable for the future of organizations as for mankind itself. B. Limitations of this Systematic Mapping Study their very early stages, more and more organizations are The main limitation of this systematic mapping study has to deciding to follow these techniques. do with the establishment of a very specific search string on the The results obtained in the systematic mapping study topic of Green in IT auditing. presented in this article demonstrate the novelty of this field and During the execution of the mapping study we have observed the need to develop an audit framework for Green in IT. That that, for example, in relation to the term “Green in IT” more would allow a monitoring of the practices adopted by generally terms could have been used (such as “sustainability”). organizations in this regard, also establishing empirically- But these terms would return a huge number of results, and many validated guidelines for good practices. of them would have had little or no relation to Green IT, or to IT Also, we have observed that the measurements become a in general. vital part to control and improve the different techniques and Therefore, and bearing in mind the primary objective of the practices of Green in IT. That is why Green in IT audits should study, we decided to not carry out such a broad search in this take into account the power or energy consumed by the related first contact with the topic. IT systems, as has been shown by the results. C. Implications for Research and Practice All this means that it is very important to continue to develop this idea; with respect to future work, we are working on: The findings of this systematic mapping study have huge transcendence for researchers who are planning to investigate  Development of a new systematic mapping study, in into Green IT, and more specifically for those aiming to carry which a wider search string is applied and more search out research on the topic of Green in IT audits. engines are included. This new mapping study is intended to mitigate the limitation explained in the Also, the study is, of course, highly relevant for auditors, previous section and expand the object of the study to computer managers, or other individuals responsible for Green Green IT in general. in IT in their organizations.  Creation of a framework for Green in IT audits, one First of all, it is a very interesting area for researchers which will provide the basis for a subsequent audit because, as we have seen, this is a new field, in which practically framework of Green IT. nothing has been done so far. For now, we have developed an early version of this Secondly, thanks to the development of this field, auditors framework (based on COBIT 5), which we have entitled may develop new audit models that allow them to expand their “Governance and Management Framework for Green operating range to this new field of Green IT. It will thus be IT”, through which organizations can establish a possible to achieve more specific and comprehensive audits, governance and a management of Green IT, as well as helping to consolidate the good practices of Green IT in the can audit this area. organization.  Development of a software application to carry out audits And finally, organizations will benefit significantly from the of Green IT, on the basis of the “Governance and progress in this field. So far, some organizations have developed Management Framework for Green IT”. and implemented such measures or practices of Green IT that Currently, we have developed the first version of this they have considered appropriate, (according to their own application [9], which we have called GreenITAudit. criteria), without carrying out any validated internal or external Through this application, the entire audit phase can be audit. More organizations will be able to take on these good carried out, answering, on the one hand, the audit practices, without having to invent their own techniques. They questions established in the developed framework (as will instead be able to access the knowledge that exists about the shown in the example view of the Fig. 8), and generating, area and adapt it to their situation very simply and easily. on the other hand, the results report of the Green IT audit performed (as shown in the Fig. 9). V. CONCLUSIONS AND FUTURE WORK  Propose and validate a set of indicators and metrics to Over the last few years, Green IT has become one of the most carry out Green in IT audits and, also, to measure (by the important and relevant areas; in the near future putting it into organizations themselves) the correct performance of the practice will be indispensable [5] [6]. Although it is a relatively Green in IT function for improve it. young idea, and its implementation and techniques are still in Fig. 8. “Audit Questions” view in GreenITAudit. Fig. 9. Results report generated by GreenITAudit. ACKNOWLEDGMENTS APPENDIX A. PRIMARY STUDIES SELECTED This work is part of the project GINSENG (TIN2015-70259- [S01] C. Gabriel, “Why it's not naive to be green,” in Business Information C2-1-R) funded by the Spanish Ministerio de Economía y Review, vol. 25, pp. 230-237, 2008. Competitividad and the FEDER fund (Fondo Europeo de [S02] G. L. Gray, W. G. No, and D. W. Miller, “Internal Auditors' Experiences and Opinions Regarding Green IT: Assessing the Gap in Desarrollo Regional); and GLOBALIA (PEII-2014-038-P), Normative and Positive Perspectives,” in Journal of Information Consejería de Educación y Ciencia, Junta de Comunidades de Systems, vol. 28, pp. 75-109, 2013. Castilla-La Mancha. [S03] S.-H. Park, J. Eo, and J. J. Lee, “Assessing and Managing an Organization's Green IT Maturity,” in MIS Quarterly Executive, vol. REFERENCES 11, 2012. [1] D. Budgen, M. Turner, P. Brereton, and B. Kitchenham, “Using mapping [S04] R. Jain, R. Benbunan-Fich, and K. Mohan, “Assessing green IT studies in software engineering,” in Proceedings of PPIG 2008, pp. 195- initiatives using the balanced scorecard,” in IT Professional Magazine, 204, 2008. vol. 13, p. 26, 2011. [2] C. Calero and M. Piattini, Green in Software Engineering. Springer [S05] S. Agarwal and A. Nath, “Green computing-a new horizon of energy International Publishing AG, Cham, ZG, Switzerland, 2015. efficiency and electronic waste minimization: a global perspective,” in [3] W. Du, S. L. Pan, and M. Zuo, “How to Balance Sustainability and 2011 International Conference on Communication Systems and Profitability in Technology Organizations: An Ambidextrous Network Technologies (CSNT), 2011, pp. 688-693. Perspective,” in IEEE Transactions on Engineering Management, Vol. 60, [S06] A. Cater-Steel and W.-G. Tan, “The role of IT service management in Issue 2, pp. 366-385, 2013. Green IT,” in Australasian Journal of Information Systems, vol. 17, [4] K. Erdélyi, “Special factors of development of green software supporting 2011. eco sustainability,” in IEEE 11th International Symposium on Intelligent [S07] D. C. Chou and A. Y. Chou, “Awareness of Green IT and its value Systems and Informatics (SISY), pp. 337-340, 2013. model,” in Computer Standards & Interfaces, vol. 34, pp. 447-451, [5] F. J. Esteve Zarazaga, “Grupo “Green ICT” de CEPIS”, in Novática, 2012. Num. 234, pp. 13, 2015. [S08] F. Loeser, “Green IT and Green IS: Definition of constructs and [6] F. J. Esteve Zarazaga, “Las “TIC verdes” en el Horizonte 2025,” in overview of current practices,” in 19th Americas Conference on Novática, Num. 234, pp. 80-84, 2015. Information Systems (AMCIS), 2013. [7] M. Genero Bocco, J. A. Cruz-Lemus, and M. G., Piattini Velthuis, [S09] N.-H. Schmidt and L. M. Kolbe, “Towards a contingency model for Métodos de investigación en ingeniería del software. Ra-Ma Editorial, green IT governance,” in European Conference on Information Systems Madrid, Spain, 2014, pp. 199-246. (ECIS), 2011. [8] B. Kitchenham, Guidelines for Performing Systematic Literature Reviews [S10] N. Opitz, H. Krüp, and L. M. Kolbe, “How to Govern your Green IT? in Software Engineering, Version 2.3. EBSE Technical Report, Keele - Validating a Contingency Theory Based Governance Model,” in 19th University, UK, 2007. Pacific Asia Conference on Information Systems (PACIS), 2014, p. 333. [9] J. D. Patón-Romero and M. Piattini, “GreenITAudit: A Tool to Audit the Green IT,” in 2nd Green in Software Engineering Workshop (GInSEng), [S11] L. Ardito and M. Morisio, “Green IT – Available data and guidelines 2016. for reducing energy consumption in IT systems,” in Sustainable Computing: Informatics and Systems, vol. 4, pp. 24-32, 2014. [10] K. Petersen, R. Feldt, M. Shahid, and M. Mattsson, “Systematic mapping studies in software engineering,” in 12th International Conference on [S12] S. Murugesan, “Harnessing green IT: Principles and practices,” in IT Evaluation and Assessment in Software Engineering (EASE), 2008. professional, vol. 10, pp. 24-33, 2008. [11] B. Unhelkar, Green IT Strategies and Applications: Using Environmental [S13] Y. Wati and C. Koo, “An Introduction to the Green IT balanced Intelligence. CRC Press, Boca Raton, FL, USA, 2011. scorecard as a strategic IT management system,” in 2011 44th Hawaii International Conference on System Sciences (HICSS), 2011, pp. 1-10. [12] COBIT 5 - An ISACA Framework, http://www.isaca.org/cobit [13] ISO 14000 Series: Standards for Environmental Management, http://www.iso.org/iso/iso14000 TABLE IV. MAPPING OF THE PRIMARY STUDIES RQ1 RQ2 RQ3 RQ4 RQ5 RQ6 ID a b c d e a b c d e f a b c d e f a b c d e a b c d e f g h i j k l a b c d e f S01 X X X X X X X X X X S02 X X X X X X X X X X X X X X X S03 X X X X X X X X X X X X X S04 X X X X X X X X X X X X X X X X X X S05 X X X X X X X S06 X X X X X X X X X X X X X X X X S07 X X X X X X X X X X X X S08 X X X X X X X X X X X X S09 X X X X X X X X X X X X S10 X X X X X X X X X X X X APPENDIX B. MAPPING OF THE PRIMARY STUDIES S11 X X X X X X X X X X X X X X S12 X X X X X X X X X X X X S13 X X X X X X X X X X X X X X X X X