Infonomics
Plain language about Corporate Governance of
Information Technology for Executives and Directors  
●Published June 2008
 ●Based on AS8015:2005
●For business AND IT leaders
●Focus on USE of IT
●Demand and supply balance
The International Standard for Corporate Governance of IT was confirmed in November 2007 and iwas released for sale by ISO in June 2008.

It defines IT Governance, explains why it is important and establishes  principles to guide behaviour in pursuit of good IT Governance.

Click here to buy ISO/IEC 38500

 

ISO/IEC 38500 was developed under the fast-track procedures of ISO/IEC JTC1, and is based on the Australian Standard AS8015:2005.

 

The original Australian Standard was developed by Standards Australia Technical Committee IT-030.  The project commenced during 2002, and development of the core standard was finalised late in 2004.  AS8015 was officially launched on 31 January 2005.

 

Adoption of AS8015 as an International Standard was the responsibility of an international study group constituted under JTC1 subcommittee SC7 (Software and System Engineering).

 

Recognising that Corporate Governance of IT is relevant to a much wider range of disciplines than just Software and Systems Engineering, JTC1 has established a further International Study Group to recommend how ongoing management and development of standards relating to governance of IT should be organised.  This study group met for the first time in Sydney, Australia, in February 2008.  Its second meeting is set for Berlin in May 2008.  It is due to report to the November 2008 Plenary Meeting of JTC1.

ISO/IEC 38500 is a short document, written using plain language.  It is designed to be read, understood and used by business leaders including members of the top governing body (the board of directors or equivalent).

 

The standard recognises that every organisation is unique, and does not attempt to prescribe detailed processes for corporate governance of IT.  To do so would probably result in cumbersome overheads that would reduce, rather than enhance performance.  The standard clearly says that every organisation needs to design its own arrangements for Corporate Governance of IT, paying heed to the broader characteristics of the organisation.

 

Good corporate governance is as much about behaviour as it is about process, and ISO/IEC 38500 provides clear advice about behaviour, through six key principles for good governance of IT.

 

ISO/IEC 38500 provides the essential key to helping organisations ensure that they do have effective direction and control of their IT, because it provides the context in which to understand that Corporate Governance of IT has to address both demand for, and supply of IT.

>More about ISO/IEC 38500