=Paper=
{{Paper
|id=Vol-2941/paper18
|storemode=property
|title=Towards an Ontology-Driven Approach for Digital Twin Enabled Governed IT Management
|pdfUrl=https://ceur-ws.org/Vol-2941/paper18.pdf
|volume=Vol-2941
|authors=Henderik A. Proper,Dominik Bork,Geert Poels
|dblpUrl=https://dblp.org/rec/conf/i-semantics/ProperBP21
}}
==Towards an Ontology-Driven Approach for Digital Twin Enabled Governed IT Management==
https://ceur-ws.org/Vol-2941/paper18.pdf
Towards an Ontology-Driven Approach for
Digital Twin Enabled Governed IT Management
Henderik A. Proper1,2 , Dominik Bork3 , and Geert Poels4
1
Luxembourg Institute of Science and Technology, Luxembourg
2
University of Luxembourg, Luxembourg
3
TU Wien, Business Informatics Group, Vienna, Austria
4
Ghent University, Ghent, Belgium
e.proper@acm.org, dominik.bork@tuwien.ac.at, geert.poels@ugent.be
Abstract. The Digital Transformation of our society requires IT in-
frastructures to be more agile, more adaptive, and more connected than
ever. At the same time, the owners of such infrastructures are confronted
with an increase in regulatory pressure (e.g., the GDPR). These develop-
ments put a lot of stress on IT management and governance. To enable
IT management and governance to better deal with these challenges,
we propose to digitally transform IT governance and management itself
by using a Digital Twin based approach. In line with this, we aim to
create on ontology-driven Digital Twin for Governed IT Management
(DT4GITM) framework. The goal of this framework is to act as a refer-
ence architecture for a Digital Twin based infrastructure that connects
three interrelated systems: the IT governance processes, the governed
IT management processes, and the managed organizational IT assets.
The core of the framework involves a generic Governed IT Management
(GITM) Domain Ontology, which is planned to be operationalized by a
Knowledge Graph based approach that realizes an integrated view on the
heterogenous data streams originating from the IT governance and man-
agement processes, and the managed IT assets. In this paper, we start
by outlining the planned DT4GITM framework and the pivotal role of
the GITM Domain Ontology within this. We then elaborate our incre-
mental, and scenario-/case-driven strategy towards the development of
the framework as a whole, and the GITM Domain Ontology in particu-
lar. This is followed by the elaboration of a specific DT4GITM scenario
which serves as a first proof of principle.
1 Introduction
The Digital Transformation of our society puts extreme pressure on IT in-
frastructures (i.e., the system of organizational IT assets) and their associated
management processes. As a result, IT infrastructures need to be more agile,
more adaptive, and more connected than ever. At the same time, the owners of
Copyright © 2021 for this paper by its authors. Use permitted under Creative
Commons License Attribution 4.0 International (CC BY 4.0).
�these infrastructures find themselves confronted with an increase in regulatory
pressure (e.g., the GDPR).
We conceptualize the IT governance and management system as being the
whole of interrelated organizational governance assets (i.e., organizational struc-
tures, processes, and relational mechanisms [3]) that purposefully combines and
integrates three systems: (1) the organizational IT assets, (2) the associated
management processes, and (3) the IT governance processes, in order to ensure
strategic alignment, risk management, and compliance [4].
To enable IT governance and management to better deal with these chal-
lenges, we propose to digitally transform IT governance and management itself
by using a Digital Twin approach. We posit that such digitalization and the
related cultural/organizational change, make IT governance and management
more apt to address the challenges that come with digital transformation and
the corresponding changes to the organizational IT assets (e.g., IT staff, applica-
tions, data, infrastructure, processes, projects) and their management processes.
To this end, we are working towards the creation of an ontology-driven Digital
Twin for Governed IT Management (DT4GITM) framework, with a Governed
IT Management (GITM) Domain Ontology at its core.
The goal of the resulting DT4GITM framework is to serve as a reference
architecture for a Digital Twin based infrastructure that connects the earlier
mentioned interrelated systems, involving the organizational IT assets, the as-
sociated management processes, and the IT governance processes. When apply-
ing this framework in a specific organizational context, the framework, and the
generic GITM Domain Ontology in particular, will need to be specialized to the
organization-specific context and priorities.
In developing the GITM Domain Ontology, we will mainly draw on ITIL 4 [1]
and COBIT 2019 [4, 12]. Where needed, this will be complemented with concepts
from other relevant standards. We found that the performance indicators as pro-
vided by COBIT, and even ITIL, are defined rather ‘loosely’ and/or at a highly
aggregated level. This makes it difficult to directly relate them to data streams
that can be used to ‘feed’ the IT governance Digital Twin. This means that,
for the purposes of the DT4GITM framework, these indicators need to be oper-
ationalized further, both in terms of concepts in the GITM Domain Ontology,
as well as in terms of how these indicators can be qualified/quantified (which
ultimately defines the Digital Twin parameters, i.e., the data to be gathered to
materialize the Digital Twin). As will be elaborated in Section 5, we therefore,
plan to follow an incremental and scenario-/case-driven strategy to develop the
DT4GITM framework (and associated reference implementation toolset).
As mentioned before, the GITM Domain Ontology forms the core of the
DT4GITM framework. To operationalize this domain ontology, we plan to use
Knowledge Graphs [6, 7]. The use of Knowledge Graphs enables an integrated
view on the heterogenous data streams originating from the IT governance and
management processes, as well as the managed IT assets.
In the remainder of this paper, we will start by outlining the proposed
DT4GITM framework in Section 2. In Section 3 we then zoom in on first steps
2
�towards the development of the GITM Domain Ontology, in particular in terms
of concept maps for the COBIT 2019 and ITIL 4 frameworks. Section 4 then
discusses in more detail the planned operationalization of the GITM Domain
Ontology in terms of a Knowledge Graph based approach. This is followed, in
Section 5, by a discussion on the incremental, and scenario-/case-driven strategy
we will follow towards the overall development (and validation) of the DT4GITM
framework in general, and the GITM Domain Ontology in particular. Before con-
cluding, Section 6 presents a first example scenario of the use of a Digital Twin
in the context of Governed IT Management.
2 Outline of the DT4GITM framework
To guide the development of Digital Twins as data-driven and smart IT gov-
ernance systems, we propose the DT4GITM framework (see Fig. 1). An ear-
lier, and more COBIT-specific, version of this framework was included in [16].
The DT4GITM framework aims at providing a reference architecture for an IT
governance Digital Twin based infrastructure. DT4GITM defines the different
components of such infrastructures in terms of their purpose, function, and re-
lationships with other components or the system’s environment. The detailed
design and implementation of the components is subject of future research.
To provide the mirroring function (also called twinning function), the Digital
Twin should be able to represent (i.e., to model) the organizational IT assets,
as well as their management and governance processes. A first key question here
is “what” needs to be represented (i.e., what should be the model’s contents).
At the core, this question is answered by an organization-specific ontology for
IT governance, for which the DT4GITM framework provides a domain ontology
(i.e., GITM Domain Ontology in Fig. 1). This domain ontology is envisioned to
cover the entire governance system, as well as its evolution over time (within
the organization). As discussed above, the governance system includes: (1) the
system of organizational IT assets, (2) the associated management processes,
and (3) the governance processes,
A second key question is “how ” the relevant data and knowledge about or-
ganizational IT assets and their management and governance processes (i.e.,
the twinning parameters) needs to be represented. Here, we propose the use of
Knowledge Graphs as they have the ability to integrate and uniformly repre-
sent heterogeneous data. The GITM Knowledge Graph (see Fig. 1) provides a
reference how to consistently and uniformly represent all relevant data for IT
governance, including particularly data streams from IT Governance Processes,
IT Management Processes and Organizational IT Assets, which can be further
related to Other Data.
The basis for the virtual processing function is the Digital Twin based in-
frastructure that synchronizes the organization-specific ontology and the mod-
eled organizational IT assets and their management and governance processes
(i.e., virtual processing is driven by the data captured in the Digital Twin’s
Knowledge Graph). The operation of this function follows the Sense-Think-Act
3
� Fig. 1. The Digital Twin for Governed IT Management (DT4GITM) Framework
paradigm of Control Theory [17] and requires apart from analytical/simulation
capabilities for monitoring and actuation, also visualization capabilities for hu-
man interpretation (i.e., Workforce in Fig. 1). Knowledge Graph technologies
provide formalization capabilities for the machine processing of the twinning pa-
rameters and other internal and external data, to realize these virtual processing
capabilities. The Digital Twin for GITM component provides a reference archi-
tecture for developing Digital Twin based infrastructures that offer the necessary
functionalities for our envisioned solution.
3 Towards the GITM Domain Ontology
A foundational element in the realization of an IT governance Digital Twin is the
GITM Domain Ontology, as it defines more precisely what the virtual entity will
be concerned with, in terms of the concepts in the domain, their relationships
and properties, as well as possible constraints. In general, within the field of
Applied Ontology, a domain ontology enables one to define what (can) exist(s)
in a given domain [10]. As such, the GITM Domain Ontology defines not only
what the IT governance Digital Twin will be concerned with, but also the data
that needs to be gathered to monitor the status and performance and to track the
evolution of the organizational IT assets and their management and governance
processes (i.e., the IT governance twinning parameters).
The DT4GITM framework thus offers a domain ontology as a conceptual
basis for developing organization-specific ontologies for GITM. When developing
an IT governance Digital Twin in the context of a specific organization, the
generic domain ontology will need to be situated to the specific concerns of that
organization (e.g., privacy, security, costs). A design process that is driven by
the GITM Domain Ontology, ensures that relevant IT governance concepts, and
4
�their properties, relationships and constraints, are accurately represented in the
organization-specific ontology. This design process also involves defining which
twinning parameters are relevant given the specific IT governance concerns of
an organization.
To operationalize our vision of DT4GITM as a reference architecture for de-
veloping IT governance Digital Twins, the GITM Domain Ontology should at
least cover the concepts of the COBIT 2019 and ITIL 4 frameworks. This can
later be complemented with more specific concepts from relevant other stan-
dards.
In moving towards a first version of such a GITM Domain Ontology, we
already produced concept maps of the COBIT 2019 (see Section 3.1) and ITIL 4
(see Section 3.2) frameworks. First considerations of relating these two concept
maps are also presented in Section 3.3 whereas a formal integration is on our
agenda for future research. The concept maps use an informal way to graphically
distinguish concepts (blue rectangles with rounded corners), concept properties
(yellow circles), and concept instances (green squares).
3.1 COBIT 2019 Concept Map
There have been some proposals for describing the ontology underlying previous
versions of COBIT [2, 8, 13, 14]. However, to the best of our knowledge, an IT
governance domain ontology that includes the concepts of COBIT 2019 has not
been defined yet. Since the conceptual model underlying COBIT 2019 has been
purposefully designed [18], this conceptual model can be used as a starting point
for the development of the governance aspects of the GITM Domain Ontology.
Fig. 2 shows a concept map containing the concepts of COBIT’s main guid-
ance towards IT governance practitioners. Key concepts include:
Governance Components – Factors that, individually or collectively, con-
tribute to the good operations of the enterprise’s governance system over
Information Technology (IT).
Governance and Management Objective – An objective that should be
achieved for IT to contribute positively to enterprise goals. The objective
is either a governance objective or a management objective. There are five
governance objectives and 35 management objectives described in the CO-
BIT 2019 Core Model (i.e., the main focus area of the COBIT 2019 frame-
work). Such an objective always relates to one process and a collection of
governance components of other types to help achieve the objective.
Governance and Management Domain – Grouping of governance and man-
agement objectives for areas of governance or management activity. There
is one governance domain and there are four management domains.
Focus Area – A governance topic, domain or issue that can be addressed by a
collection of governance and management objectives and their components
(e.g., COBIT 2019 Core Model, cybersecurity, privacy, SMEs, and DevOps).
Processes – Describe an organized set of practices and activities to achieve
certain objectives and produce a set of outputs that support achievement of
overall IT-related goals.
5
�Fig. 2. Concept Map of the COBIT 2019 Core Model
Legend: Concepts with a thick border occur multiple times in the diagram.
6
�Governance and Management Practice – Grouping of activities, as part
of a particular process, with metrics to measure achievement of the practice.
Activity – Work to be performed, as part of a governance or management
practice, at a certain capability level.
3.2 ITIL 4 Concept Map
To obtain a more complete description of organizational IT assets and their man-
agement processes we will (as already hinted at in the introduction) primarily
draw on concepts from the ITIL 4 framework for IT service management [1].
Fig. 3 shows a concept map for the key concepts as identified in the ITIL
4 framework [1]. This concept map will be used in the further development of
the IT management related aspects of the GITM Domain Ontology. The main
identified concepts are:
IT Service Management (ITSM) Practice – A set of organizational resour-
ces designed for performing work or accomplishing an objective. There are 34
ITSM practices in the ITIL 4 framework: 14 general management practices,
17 service management practices, and three technical management practices.
Generic Value Chain Activity – Steps that an organization takes in the cre-
ation of value. There are six generic value chain activities in ITIL 4: plan,
improve, engage, design and transition, obtain/build, deliver and support.
Guiding Principle – A recommendation that guides an organization in all
circumstances, regardless of changes in its goals, strategies, types of work,
or management structure.
Value Stream – A specific combination of value chain activities and practices,
designed for a specific scenario, that describes a series of steps an organi-
zation undertakes to create and deliver products and services to consumers.
Provides a complete guide to the activities, practices, and roles involved to
realize an intended outcome.
As we will discuss in Section 5, we will follow a (real world) case-driven approach
in the development of the DT4GITM framework in general, and the GITM
Domain Ontology in particular. In doing so, we also plan to include (relevant
parts of) existing ontologies for ITIL (see e.g. [19, 5]).
3.3 Relating COBIT 2019 and ITIL 4
In developing the GITM Domain Ontology, it will be necessary to integrate/
align the concepts from ITIL 4 and COBIT 2019.
When comparing the concept maps of COBIT 2019 and ITIL 4, we already
see that the guidance provided in an ITIL 4 Value Stream is comparable in
terms of purpose and granularity to the guidance provided in a COBIT 2019
Governance and Management Practice, making ITIL 4 Value Stream steps simi-
lar to COBIT 2019 activities. The guidance provided in ITIL 4 is, however, more
detailed and more situation-specific. For instance, ITIL 4 describes responsible
7
� Fig. 3. Concept Map of the ITIL 4 Framework
roles, inputs/outputs, resources and operations to be performed at the level
of individual value stream steps, whereas COBIT 2019 describes responsible/
accountable roles and information items flowing in and out at the more aggre-
gate level of practices. Further differences are that ITIL 4 does not cover IT
governance responsibilities and activities, while COBIT 2019 also has a broader
view of IT management, extending beyond developing and improving the IT
service management capability. For instance, processes such as budget manage-
ment, innovation management, and data management are not covered in ITIL
4. On the other hand, an ITIL ITSM practice such as service catalogue man-
agement, is present in COBIT 2019, but only at the activity level, so with much
less comprehensive guidance.
4 The Role of the GITM Knowledge Graph
The GITM Domain Ontology, and its organization specific refinement, also de-
fines the twinning parameters (i.e., data about organizational IT assets and their
management and governance processes) that are relevant to an organization and
its specific IT governance concerns. As mentioned above, to represent these twin-
ning parameters and to integrate them with other relevant data and knowledge
representations, including data from external sources (see Fig. 1), we plan to use
a Knowledge Graph based approach.
The GITM Knowledge Graph component of our framework provides a refer-
ence of how such Knowledge Graphs can be constructed. Furthermore, it de-
scribes the visualization and formalization capabilities that such Knowledge
Graphs should offer to allow for human interpretation of the information and
machine processing of the data, respectively. Operationally, the GITM Knowl-
edge Graph component consists of a set of tools that realize interactive visu-
alizations (e.g., Visual Analytics tools, Business Intelligence dashboards) and
8
�efficient querying of the vast amounts of IT governance related data in order to
support decision making.
Metrics for IT governance and management performance indicators can be
operationalized as predefined queries which can be easily parameterized and ex-
ecuted by business users. Moreover, powerful Knowledge Graph platforms like
Stardog1 , fed with the data of the organization-specific IT governance Digital
Twin’s Knowledge Graph, enable the application of advanced AI algorithms to
also proactively respond to environmental or internal changes of the organiza-
tional IT assets and their management processes.
Consequently, the realization of the GITM Knowledge Graph will have to
cater for the fact that the Workforce (see Fig. 1) has diverse backgrounds and
roles with regards to IT governance and management. The DT4GITM frame-
work needs to make the data-driven and AI-enabled algorithms accessible and
comprehensible in adequate graphical user interfaces to be applicable.
5 Strategy to Develop the GITM Domain Ontology
Since the DT4GITM framework, and the GITM Domain Ontology that is part
of it, are artifacts designed as solutions for solving problems related to the chal-
lenges posed by the Digital Transformation to IT governance, we will use a
Design Science Research methodology [9, 15]. The DT4GITM framework, as a
reference architecture, also needs to be complemented with heuristics to apply
(and refine) the reference architecture in specific situations. This is where we
will use Situational Method Engineering [11] as a research method. Using ex-
ample scenarios, and real-world cases, situational factors will be identified to
differentiate the specificities of the cases, as well as guidelines and heuristics to
tune the GITM Domain Ontology and/or DT4GITM reference architecture to
the situation at hand.
As discussed before, the conceptual models of COBIT 2019 and ITIL 4 require
more elaboration in terms of their performance indicators such that sensors
and data streams can be defined. Specific concerns/qualities, such as security,
performance, costs, etc, are also likely to lead to a need to refine the GITM
Domain Ontology. This process will also be driven by the needs of example
scenarios and real-world cases, which will also result in requirements on the
actual GITM Domain Ontology.
For the GITM Domain Ontology, this leads to the situation as depicted in
Fig. 4. The triangle represents the ontology, involving different levels of generic-
ity. At the top, we find a foundational ontology (e.g., UFO [10]). Using conceptual
models of the contributing frameworks and standards as a base, as exemplified
by the concept maps discussed in Section 3, we will then define an IT generic
GITM Domain Ontology expressed in terms of the foundational ontology. This
part of the ontology is IT generic in the sense that it may refer to e.g., IT as-
sets, but does not yet refer to specific information technologies, such as WiFi,
1
https://www.stardog.com/, last visited: 09.07.2021
9
� COBIT & ITIL
Foundational ontology
DT4GITM
IT generic
framework
IT & concern specific
Organisation specific
applications
scenarios & cases
Fig. 4. Development and evolution of the GITM Domain Ontology
Blockchain, Cloud solutions, etc. Driven by concrete scenarios and cases, this
IT generic ontology can then be refined further (and iteratively validated and
improved) towards (1) considerations pertaining to specific information tech-
nologies, and (2) specific concerns/qualities. This IT & concern specific part
of the ontology is still organization agnostic. In other words, for a specific or-
ganization, with its priorities, technology choices, etc., further refinements will
be necessary. For the DT4GITM framework, as a reference architecture, only
the three higher levels of the (stratified) ontology will be included, where the
DT4GITM framework is also foreseen to include guidelines (designed using a
Situational Method Engineering approach) for specializing the generic core to
an organization specific ontology.
What is also hinted at in Fig. 4 is the further evolution of the ontology when
applying it in different organizations. Here, it is expected to see the strongest
evolution for the lower layers while the upper layers – especially the foundational
ontology – should remain stable.
6 A Hardware Incident Management Scenario
Fig. 5 shows the ITIL 4 value stream for hardware incident management as
applied to the failure of a wireless access point in a warehouse [1]. Each row is a
value stream step that refers to one or more generic value chain activities and
zero or more ITSM practices. Also the roles involved in the incident management
procedure and the activities to be performed, are detailed. It is intended that
all these concepts (see Fig. 3) are included in the GITM Domain Ontology of
the organization.
Returning to the example, as a result of the failure, the warehouse forklift
driver cannot receive instructions quickly enough. Before the incident can be
resolved, it needs to be noticed. Next, the appropriate procedures need to be
triggered to fix the problem and learn from it.
It is clear that technology can considerably speed up this sense-think-act pro-
cess described in the value stream. In our envisioned Digital Twin solution, the
10
�Fig. 5. Example ITIL 4 value stream for hardware incident management [1]
11
�wireless access point would be represented in the organization’s GITM Knowl-
edge Graph as an instance of an organization-specific IT asset concept in the
GITM Domain Ontology (e.g., wireless communication device). The Knowledge
Graph would relate it to other relevant information such as its location (i.e., the
warehouse), its state, etc. Data streams from the access point logs and a sensor
would be in place to automatically detect failures, and such failure signals would
change the state of the device in the Knowledge Graph. A rule-based component
would automatically qualify the incident as a Priority 2 incident which would di-
rectly trigger its resolution. The Knowledge Graph comprises information of the
workforce and their roles. A network support engineer would be contacted who
would then actuate the resolution procedure. Most likely, she would first replace
the access point in order to immediately enable the forklift driver to resume
the standard way of working. The Knowledge Graph incorporates data from the
Configuration Management System (CMS) that describes the configuration of
the warehouse access points to properly function within the organization’s net-
work. Moreover, the Knowledge Graph enables the network support engineer to
execute a query that would help her identifying similar access points that are
currently either not in use or dispensable.
The data about the failure would also be available for further analysis. For
instance, accumulating failure data of wireless access points could be used for
developing a predictive maintenance model, in the hope that next time a re-
placement is installed already before the device actually breaks. Moreover, feed-
back gained from all involved persons of this value stream will be collected and
analyzed in the Knowledge Graph in order to learn about the quality of the
implemented resolution in particular as well as on the incident management in
general.
As the example scenario illustrates the connectedness of IT assets and gov-
ernance/management processes realized through the Digital Twin based infras-
tructure, allows for directed and timely reactive and proactive responses of the
IT governance/management system. But also, the ontology-driven approach in-
duces a certain robustness in the system (as suggested in Fig. 4), making the sys-
tem more adaptive and IT governance and management more agile. For instance,
further warehouse automation would replace forklift drivers by robots that are
actuated by the warehouse control system. The wireless access point would be
replaced by built-in IoT devices. This would only affect the organization-specific
GITM Domain Ontology, but not the IT & concern specific, IT generic, and
foundational layers of the GITM Domain Ontology of the DT4GITM frame-
work. In other words, it would be clear how to adapt the organization-specific
Knowledge Graph to the new situation and to figure out the required changes
to the rule-based component.
7 Conclusion
The Digital Transformation of our society requires IT infrastructures to be more
agile, more adaptive, and more connected than ever. In the paper at hand we
12
�argue for a digital transformation of IT governance and management itself by
proposing the Digital Twin for Governed IT Management (DT4GITM) frame-
work that applies the concept of Digital Twins to IT governance. The conceptual
backbone of DT4GITM is a domain ontology that aims to formally represent the
concepts, properties, and relationships of COBIT 2019 and ITIL 4 frameworks,
amongst other relevant standards and frameworks for IT governance and man-
agement.
The paper described the conceptual outline of the DT4GITM framework and
elaborated on our strategy for developing the GITM Domain Ontology. The po-
tential benefits of using the framework were exemplified by means of a hardware
incident management scenario from ITIL 4. We believe this paper establishes a
meaningful foundation for research in the direction of digital transformation of
IT governance and management. Our plans for the near future are to apply and
evolve the DT4GITM framework and the GITM Domain Ontology in real case
studies.
References
1. Axelos: ITIL Foundation. ITIL 4. The Stationery Office, London, UK (2019)
2. Chergui, M., Sayouti, A., Medromi, H.: It governance ontology building process:
Example of developing audit ontology. International Journal of Computer Tech-
niques 2(1), 134–141 (2015)
3. De Haes, S., Van Grembergen, W.: An exploratory study into it governance im-
plementations and its impact on business/it alignment. Information Systems Man-
agement 26(2), 123–137 (2009)
4. De Haes, S., Van Grembergen, W., Joshi, A., Huygh, T.: Enterprise Governance of
Information Technology. Achieving Alignment and Value in Digital Organizations.
Springer, Heidelberg, Germany, 3rd edn. (2020)
5. El Yamami, A., Mansouri, K., Qbadou, M., Illoussamen, E.: An ontological rep-
resentation of itil framework service level management process. In: Khoukhi, F.,
Bahaj, M., Ezziyyani, M. (eds.) Smart Data and Computational Intelligence. pp.
88–94. Springer International Publishing, Cham (2019)
6. Fensel, D., Simsek, U., Angele, K., Huaman, E., Elias, K., Panasiuk, O., Toma, I.,
Umbrich, J., Wahler, A.: Knowledge Graphs – Methodology, Tools and Selected
Use Cases. Springer, Heidelberg, Germany (2020)
7. Galkin, M., Auer, S., Scerri, S.: Enterprise knowledge graphs: A backbone of linked
enterprise data. In: 2016 IEEE/WIC/ACM International Conference on Web In-
telligence (WI). pp. 497–502 (2016). https://doi.org/10.1109/WI.2016.0083
8. Goeken, M., Alter, S.: Representing it governance frameworks as metamodels. In:
CSREA EEE. pp. 48–54 (2008)
9. Gregor, S., Jones, D.: The Anatomy of a Design Theory. Journal of the Association
for Information Systems 8(5), 312–335 (2007)
10. Guizzardi, G.: Ontological Foundations for Structural Conceptual Models. Ph.D.
thesis, University of Twente, Enschede, the Netherlands (2005)
11. Henderson-Sellers, B. and Ralyté, J.: Situational method engineering: state-of-the-
art review. Journal of Universal Computer Science 16(3), 424–478 (2010)
12. COBIT 2019 Framework: Governance and Management Objectives. ISACA,
Schaumberg, Illinois (2019)
13
�13. Moudoubah, L., El Yamami, A., Mansouri, K., Qbadou, M.: Towards the imple-
mentation of an ontology based on COBIT Framework (CobitOntology). In: Pro-
ceedings of the 1st International Conference on Smart Systems and Data Science.
pp. 1–6 (2019)
14. Nugroho, H.: Conceptual model of IT governance for higher education based on
COBIT 5 framework. Journal of Theoretical and Applied Information Technology
60(2), 216–221 (2014)
15. Peffers, K., Rothenberger, M., Tuunanen, T., Vaezi, R.: Design science research
evaluation. In: Peffers, K., Rothenberger, M., Kuechler, B. (eds.) Design Science
Research in Information Systems. Advances in Theory and Practice. pp. 398–410.
Springer Berlin Heidelberg, Berlin, Heidelberg (2012)
16. Poels, G., Proper, H.A., Bork, D.: DT4GITM – Towards a Digital Twin Framework
for Enterprise Governance of Information Technology. In: Sumitted to the 55th
Hawaii International Conference on System Sciences. p. under review (2022)
17. Siegel, M.: The sense-think-act paradigm revisited. In: Robotic Sensing, 2003.
ROSE’03. 1st International Workshop on. pp. 5–10 (June 2003)
18. Steuperaert, D.: COBIT 2019: A significant update. EDPACS - The EDP Audit,
Control, and Security Newsletter 59(1), 14–18 (2019)
19. Valiente, M.C., Garcia-Barriocanal, E., Sicilia, M.A.: Applying an ontology ap-
proach to it service management for business-it integration. Knowledge-Based Sys-
tems 28, 76–87 (2012). https://doi.org/10.1016/j.knosys.2011.12.003
14
�