IT Governance and The International Standard, ISO/IEC 38500
ISO 38500 is the International Standard for Corporate Governance of Information Technology.
ISO/IEC 38500 draws upon a number of sources, chief of which is AS 8015:2005, which defines the following six principles:
- Establish responsibilities
- Plan to best support the organisation
- Acquire validly
- Ensure performance when required
- Ensure conformance with rules
- Ensure respect for human factors.
ISO/IEC 29382, Corporate Governance of Information and Communication Technology, was first published early in 2007 as a fast-track candidate from the existing Australian standard AS8015. It was officially re-named ISO/IEC 38500 in April 2008. As is usual with international standards, it is intended to provide guiding principles to any organisation, regardless of size of sector.
ISO/IEC 38500 applies to the governance of management processes relating to the information and communication services used by an organisation. These processes could be controlled by IT specialists within an organisation or external service providers. Hence the name for these processes is “IT governance”.
Take a demo of our ISO 38500 IT Governance Toolkit by subscribing with your e-mail address below and see how we can help you achieve ISO/IEC 38500 certification:
Implementing ISO/IEC 38500 in IT governance
While the IT governance standard is a brilliantly short and straightforward international standard, actual implementation of an IT governance framework can be challenging. The Calder-Moir IT Governance Framework evolved alongside the evolution of the international standard, as a conceptual approach to help organisations visualise effective IT governance, drawing upon and integrating the wide range of IT management tools and systems that exist in the world today.
The IT governance framework can be presented in the following graph:
The IT Governance Framework Toolkit – based on the Calder-Moir IT Governance Framework and the groundbreaking work in Alan Calder’s two books (IT Governance: Guidelines for Directors and IT Governance Today: a Practitioner’s Handbook) – has been developed to enable company boards, supported by their compliance, regulatory and governance practitioners, to help themselves develop, improve and strengthen their IT governance.
The toolkit contains a comprehensive collection (98 documents and nearly 1,600 pages) of critical and how useful resources – templates, guidelines, checklists, questionnaires, slide presentations, assessments and planning tools.
You can benefit from the full value of the Calder-Moir Framework and ISO/IEC 38500 in your organisation by using our specially developed toolkit to help you design and deploy a best-practice IT governance framework that brings maximum value.
Download our ISO 38500 IT Governance Framework Toolkit today for immediate deployment. It costs less than one day of a consultant’s time!
||IT Governance – Guidelines for Directors (eBook) – This important new book provides directors, executives, managers and professional advisers with clear, pragmatic guidelines for ensuring that IT and the business work together for the same strategic objectives.
||IT Governance Today – a Practitioner’s Handbook (eBook) – This book assesses the strengths and weaknesses – in the context of competitiveness, corporate governance demands and regulatory requirements – of current frameworks (including COSO, CoBIT, ITIL, ISO 15000, ISO17799, AS 8015, GAISP).
||IT Governance: A Pocket Guide (eBook) – This new downloadable pocket guide in the Practical IT Governance series, is designed to provide the reader with a basic understanding of how an organisation's information technology supports and enables the achievement of its strategies and objectives.