A Framework for Implementing IT Service Management in the Field of Pre-hospital Emergency Management with an Integrated Approach COBIT Maturity Model and ITIL Framework

Document Type : Original Article


1 Student in Information Technology Management, Faculty of Management, Isfahan (Khorasgan), Islamic Azad University, Isfahan, Iran

2 Assistant Professor, Faculty of Management, Isfahan (Khorasgan) Branch, Islamic Azad University, Isfahan, Iran


Introduction: The purpose of this research is to provide an appropriate framework for
implementing IT management services in the field of pre-hospital emergencies with an
integrated approach of COBIT maturity model and ITIL framework.
Methods: In a qualitative part, experts familiar with the field of pre-hospital emergency and
information technology were purposefully selected. In the quantitative phase of the statistical
community, we included experts in the field of information technology management who
are also experts in the field of emergency, as well as university professors who worked
in the field of emergency and senior and middle managers in the field of pre-hospital
emergency entered the community. Considering the limitations of the community and the
purposefulness of the selection of individuals to enter the community, 915 individuals were
selected as a sample. To select a sample in the quantitative section, Morgan table was used.
They were selected by simple random method using software. To collect information, we
first reviewed the texts and articles in the field of ITIL and COBIT and then the extracted
codes in this category were reviewed and an overview of the research was obtained; then,
in the qualitative part the interview method and in the quantitative part the researchermade
questionnaire were used. To analyze the data in the qualitative section, we used MAX
QDA software to review and categorize the information. Then, in the quantitative section,
the researcher-made questionnaire was collected and finally the model was fitted using
confirmatory factor analysis.
Results: In the end, it was concluded that the main components such as management,
organization, processes, eyes, size, goals of the organization, staff, monitoring and evaluation,
support, organization, information architecture and service delivery and their subcomponents
were the main factors that should be paid special attention in the field of prehospital
emergency management.
Conclusion: To be more successful in implementing the organization’s framework, it must
identify the most important problems and then create a controllable domain to implement
service support processes in the organization. The selected processes should be strongly and
clearly supported by the general management of the organization. A codified and specific
plan for implementation should be developed. A coordinated and planned approach for
design, implementation should be specified and after the implementation of the mentioned
processes. After expressing the output measurement indicators of the processes, the outputs
should be measured and based on the changes that exist, these changes should be considered
and returned to the planning stage to re-formulate the steps.


1. Ali S, Green P, Robb A. Information technology investment governance: What is it and does it matter? International Journal of Accounting Information Systems. 2015;18:1-25. doi: 10.1016/j. accinf.2015.04.002.
2. Almadhoob A, Valverde R. Cybercrime prevention in the Kingdom of Bahrain via IT security audit plans. Journal of Theoretical and Applied Information Technology. 2014;65(1):274- 92.
3. Ardalan A, Kandi M, Talebian MT, Khankeh H, Masoumi G, Mohammadi R, et al. Hospitals safety from disasters in I.R.iran: the results from assessment of 224 hospitals. PLoS Curr. 2014;6. doi: 10.1371/currents. dis.8297b528bd45975bc6291804747ee5db.
4. Tuttle B, Vandervelde SD. An empirical examination of CobiT as an internal control framework for information technology. International Journal of Accounting information systems. 2007;8(4):240-63. doi: 10.1016/j. accinf.2007.09.001.
5. Vukšić VB, Bach MP, Popovič A. Supporting performance management with business process management and business intelligence: A case analysis of integration and orchestration. International journal of information management. 2013;33(4):613-9. doi: 10.1016/j. ijinfomgt.2013.03.008.
6. Boyson S, Corsi T, Rossman H. Building a cyber supply chain assurance reference model. Science Applications International Corporation (SAIC). 2009.
7. Bradford M, Earp JB, Grabski S. Centralized end-to-end identity and access management and ERP systems: A multi-case analysis using the Technology Organization Environment framework. International Journal of Accounting Information Systems. 2014;15(2):149-65. doi: 10.1016/j.accinf.2014.01.003.
8. Buys L, Miller E, editors. The meaning of” active ageing” to older Australians: Exploring the relative importance of health, participation and security. Diversity in Ageing. August 2006; Sydney: Proceedings of the 39th National Conference of the Australian Association of Gerontology; 2006: Australian Association of Gerontology.
9. Bygstad B. Generative mechanisms for innovation in information infrastructures. Information and organization. 2010;20(3 4):156-68. doi: 10.1016/j. infoandorg.2010.07.001.
10. Cram WA, Brohman MK, Gallupe RB. Addressing the control challenges of the enterprise architecture process. Journal of Information Systems. 2015;29(2):161-82. doi: 10.2308/isys-50913.
11. Crampton A. Population aging and social work practice with older adults: Demographic and policy challenges. International Social Work. 2011;54(3):313-29. doi: 10.1177/0020872810396257.
12. Vugec DS, Spremić M, Bach MP. IT governance adoption in banking and insurance sector: Longitudinal case study of cobit use. International Journal for Quality Research. 2017;11(3):691-716.
13. Damianides M. Sarbanes-Oxley and IT governance: New guidance on IT control and compliance. Information Systems Management. 2005;22(1):77-85. Doi: 10.1201/1078/44912.22.1.2 0051201/85741.9.
14. David G, Brachet T. Retention, learning by doing, and performance in emergency medical services. Health Serv Res. 2009;44(3):902-25. doi: 10.1111/j.1475-6773.2009.00953.x.
15. David G, Brachet T. On the determinants of organizational forgetting. American Economic Journal: Microeconomics. 2011;3(3):100-23. doi: 10.1257/mic.3.3.100.
16. David G, Chiang AJ. The determinants of public versus private provision of Emergency Medical Services. international Journal of industrial organization. 2009;27(2):312-9. doi: 10.1016/j. ijindorg.2008.10.001
17. David G, Harrington SE. Population density and racial differences in the performance of emergency medical services. J Health Econ. 2010;29(4):603- 15. doi: 10.1016/j.jhealeco.2010.03.004.
18. Kerr DS, Murthy US. The importance of the CobiT framework IT processes for effectiveinternal control over financial reporting
in organizations: An international survey. Information & Management. 2013;50(7):590-7.doi 10.1016/j.im.2013.07.012.
19. Khorasani Zavareh D, Mohammadi R, Laflamme L, Naghavi M, Zarei A, Haglund BJ. Estimating road traffic mortality more accurately: use of the capture-recapture method in the West Azarbaijan province of Iran. Int J Inj Contr Saf Promot. 2008;15(1):9-17. doi: 10.1080/17457300701794105.
20. Haes SD, Grembergen WV. Enterprise governance of information technology achieving alignment and value. Switzerland: Springer; 2015. doi: 10.1007/978-3-319-14547-1.
21. De Haes S, Van Grembergen W, Debreceny RS. COBIT 5 and enterprise governance of information technology: Building blocks and research opportunities. Journal of Information Systems. 2013;27(1):307-24. doi 10.2308/isys- 50422.
22. Bernroider EW, Ivanov M. IT project management control and the Control Objectives for IT and related Technology (CobiT) framework. International Journal of Project Management. 2011;29(3):325-36. doi 10.1016/j. ijproman.2010.03.002.
23. Wilde ET. Do emergency medical system response times matter for health outcomes? Health Econ. 2013;22(7):790-806. doi: 10.1002/hec.2851.
24. Lin F, Guan L, Fang W. Critical factors affecting the evaluation of information control systems with the COBIT framework: A study of CPA firms in Taiwan. Emerging Markets Finance and Trade. 2010;46(1):42-55. doi: 10.2753/REE1540- 496X460105.
25. Fernandez-Ballesteros R, Robine JM, Walker A, Kalache A. Active aging: a global goal. Curr Gerontol Geriatr Res. 2013;2013:298012. doi: 10.1155/2013/298012.
26. Grittner DH, Valverde R. An object-oriented supply chain simulation for products with high service level requirements in the embedded devices industry. International Journal of Business Performance and Supply Chain Modelling. 2012;4(3-4):246-70. doi: 10.1504/ IJBPSCM.2012.050388.
27. Herz TP, Hamel F, Uebernickel F, Brenner W. Toward a model of effective monitoring of IT application development and maintenance suppliers in multisourced environments. International Journal of Accounting Information
Systems. 2013;14(3):235-53. doi: 10.1016/j. accinf.2012.12.003.
28. Idlbek R. Using COBIT to Increase Performance: A Case Study of a Higher Education Institution.Privredna kretanja i ekonomska politika. 2011;21(126):51-85.
29. Souza Neto J, Ferreira Neto AN. Metamodel of the IT governance framework COBIT. JISTEMJournal of Information Systems and Technology Management. 2013;10(3):521-40. doi: 10.4301/ S1807-17752013000300004.
30. Joghataei MT, Nejati V. Assessment of health status of elderly people in the city of Kashan. Iranian Journal of Ageing. 2006;1(1):3-10.
31. Kraus C, Valverde R. A data warehouse design for the detection of fraud in the supply chain by using the benford’s law. American Journal of Applied Sciences. 2014;11(9):1507-18. doi: 10.3844/ ajassp.2014.1507.1518.
32. Wallace L, Lin H, Cefaratti MA. Information security and Sarbanes-Oxley compliance: An exploratory study. Journal of Information Systems. 2011;25(1):185-211. doi: 10.2308/jis.2011.25.1.185.
33. Green LV, Kolesar PJ. Anniversary article: Improving emergency responsiveness with management science. Management Science. 2004;50(8):1001-14. doi: 10.1287/mnsc.1040.0253.
34. Lunardi GL, Becker JL, Maçada ACG, Dolci PC. The impact of adopting IT governance on financial performance: An empirical analysis among Brazilian firms. International Journal of Accounting Information Systems. 2014;15(1):66- 81. doi: 10.1016/j.accinf.2013.02.001.
35. Siponen M, Willison R. Information security management standards: Problems and solutions. Information & management. 2009;46(5):267-70. doi: 10.1016/j.im.2008.12.007.
36. MacKenzie SB, Podsakoff PM, Podsakoff NP. Construct measurement and validation procedures in MIS and behavioral research: Integrating new and existing techniques. MIS quarterly. 2011:293-334. doi: 10.2307/23044045.
37. Othman M, Ahmad MN, Suliman A, Arshad NH, Maidin SS. COBIT principles to govern flood management. International journal of disaster risk reduction. 2014;9:212-23. doi 10.1016/j. ijdrr.2014.05.012.
38. Wolden M, Valverde R, Talla M. The effectiveness of COBIT 5 information security framework for reducing cyber attacks on supply chain management system. IFACPapersOnLine. 2015;48(3):1846-52. doi 10.1016/j. ifacol.2015.06.355.
39. Maxwell MS, Restrepo M, Henderson SG, Topaloglu H. Approximate dynamic programming for ambulance redeployment. INFORMS Journal on Computing. 2010;22(2):266- 81. doi: 10.1287/ijoc.1090.0345.
40. Mirzaei M, Shams Ghahfarokhi M. Demography of elder population in Iran over the period 1956 To 2006. Iranian Journal of Ageing. 2007;2(3):326- 31.
41. Mohammadi E, Allahyari T, Darvishpoor Kakhaki A, Saraei H. Determining psychometric properties of Iranian active aging measurement instrument. Iranian Journal of Ageing. 2018;12(4):414-29. doi: 10.21859/sija.12.4.414.
42. Moulaert T, Paris M. Social policy on ageing: The case of active ageing as a theatrical metaphor. Int’l J Soc Sci Stud. 2013;1:113-123. doi: 10.11114/ ijsss.v1i2.141.
43. Temizkan O, Kumar RL, Park S, Subramaniam C. Patch release behaviors of software vendors in response to vulnerabilities: An empirical analysis. Journal of management information systems. 2012;28(4):305-38. doi: 10.2753/ MIS0742-1222280411.
44. Paltasingh T, Tyagi R. Demographic transition and population ageing: Building an inclusive culture. Social Change. 2012;42(3):391-409. doi: 10.1177/0049085712454053.
45. Qureshi TM, Warraich AS, Hijazi ST. Significance of project management performance assessment (PMPA) model. International Journal of Project Management. 2009;27(4):378-88. doi: 10.1016/j. ijproman.2008.05.001.
46. Ramachandran S, Rao S, Goles T. Information security cultures of four professions. Hawaii internationalconference on system sciences, proceedings of the 41st annual, Hawaii. 2008. doi: 10.1109/HICSS.2008.201.
47. Ridley G, Young J, Carroll P. Studies to evaluate CobiT’s contribution to organisations: opportunities from the literature, 2003–06. Australian Accounting Review. 2008;18(4):334- 42.doi: 10.1111/j.1835-2561.2008.0019.x.
48. Lee S. Centrality-based ambulance dispatching for demanding emergency situations. Journal of the Operational Research Society. 2013;64(4):611- 8. doi: 10.1057/jors.2012.72.
49. Sadikin M, Hardi H, Haji WH. IT governance self assessment in higher education Based on COBIT case study: University of Mercu Buana. Journal of Advanced Management Science Vol. 2014;2(2):83- 7. doi: 10.12720/joams.2.2.83-87.
50. Sassi S, Goaied M. Financial development, ICT diffusion and economic growth: Lessons from MENA region. Telecommunications Policy. 2013;37(4-5):252-61. doi: 10.1016/j. telpol.2012.12.004.
51. Lee S. The role of centrality in ambulance dispatching. Decision Support Systems. 2012;54(1):282-91. doi: 10.1016/j.dss.2012.05.036.
52. Siponen MT. A conceptual foundation for organizational information security awareness. Information Management & Computer  Security. 2000;8(1):31-41. doi: 10.1108/09685220010353178.
53. Soriano DR, Huarng K-H. Innovation and entrepreneurship in knowledge industries. Journal of business research. 2013;66(10):1964-9. doi: 10.1016/j.jbusres.2013.02.019.
54. Stephens J, Valverde R. Security of e-procurement transactions in supply chain reengineering. Computer and Information Science. 2013;6(3). doi: 10.5539/cis.v6n3p1.
55. Talla MR, Valverde R. Data oriented and Process oriented Strategies for Legacy Information Systems Reengineering. ACEEE International Journal on Information Technology. 2012;2(1):47- 51.
56. Teece DJ, Pisano G, Shuen A. Dynamic capabilities and strategic management. Strategic management journal. 1997;18(7):509-33. doi: 10.1002/(SICI)1097-0266(199708)18:7 3.0.CO;2-Z.
57. Tukel OI, Rom WO. An empirical investigation of project evaluation criteria. International Journal of Operations & Production Management. 2001;3(21);400-16. doi: 10.1108/01443570110364704.
58. Van Donk DP, Molloy E. From organising as projects to projects as organisations. International Journal of Project Management. 2008;26(2):129- 37.doi: 10.1016/j.ijproman.2007.05.006.
59. Valverde R, Saadé RG. The effect of E-supply chain management systems in the North American electronic manufacturing services industry. Journal of Theoretical and Applied Electronic Commerce Research. 2015;10(1):79-98.
60. Valverde R, Talla M. Risk reduction of the supply chain through pooling losses in case of bankruptcy of suppliers using the black-scholesmerton pricing model. Some recent advances in mathematics and statistics: World Scientific; 2013. p. 248-56. doi: 10.1142/9789814417983_0018.
61. Valverde R. Information Systems Reengineering for Modern Business Systems: ERP, Supply Chain and E-Commerce Management Solutions: ERP, Supply Chain and E-Commerce Management Solutions: IGI Global; 2012. doi: 10.4018/978-1- 4666-0155-0.
62. Valverde R. The ontological evaluation of the requirements model when shifting from a traditional to a component-based paradigm in information systems re-engineering: Universityof Southern Queensland; 2008.
63. Valverde R, Toleman M, Cater-Steel A. A method for comparing traditional and component-based models in information systems re-engineering. Information Systems and e-Business Management. 2011;9(1):89-107. doi: 10.1007/s10257-010-0139-z.
64. Valverde R, Saade RG, Talla M. ITIL-based IT service support process reengineering. Intelligent Decision Technologies. 2014;8(2):111-30. doi: 10.3233/IDT-130182.
65. Watson C, CiSa C. COBIT Security Baseline Applied to Business Web Applications. Information System Control Journal. 2009;4.
66. Wynn Jr D, Williams CK. Principles for conducting critical realist case study researchin information systems. MIS quarterly. 2012;36(3):787-810. doi: 10.2307/41703481.
67. Wiesmann A [Internet]. A Guide to Building Secure Web Applications and Web Services, 2.0 Black Hat Edition, Free Software Foundation. [Accessed: 23rd November 2013]. Available: https://www.owasp.org/index.php/ Category:OWASP_Guide_Project