New ISO standard for IT Governance: ISO/IEC 38500

Recently something new and very interesting for our Master thesis caught our attention. It is a new ISO standard for IT Governance, ISO 38500. This new standard is the very first official statement that is made on the definition and specification of IT Governance and will probably have significant influence on the organization of the information management function. The new ISO standard was based on the Australian Standard AS8015 . According to Serge Thorn’s IT Blog AS8015 provides six guiding principles for good corporate governance and the effective, efficient and acceptable use of ICT. The six principles (and examples of each) are:

1. Establish clearly understood responsibilities for ICT (eg. ensure individuals understand and accept their responsibilities)
2. Plan ICT to best support the organisation (eg. ensure ICT plans fit current and future needs and the organisation’s corporate plans)
3. Acquire ICT validly (eg. ICT acquisitions should be made for approved reasons and in the approved way; on the basis of ongoing analysis)
4. Ensure ICT performs well, whenever required (eg. ensure ICT is fit for its purpose and is responsive to changing requirements)
5. Ensure ICT conforms with formal rules (eg. ensure compliance with external regulations and internal policies and practices)
6. Ensure ICT use respects human factors (eg. ensure ICT meets the evolving needs of the ‘people in the process’)

There is not much more information on the internet to be found on this new standard, however we have been offered to join the launch event on May 26 in Amsterdam by our supervisor, John Gøtze. The question now is how to implement this standard in our Master thesis… and whether or not we have time!

Read Full Post »