Information & Communication Technology
International Standard
ISO/IEC 38500:2008, "Corporate governance of information technology"
Marghanita da Cruz 10 July 2007
AS8015-2005 The Australian Standard for Corporate Governance of Information and Communication Technology was submitted for fast-track ISO adoption. It was published as ISO/IEC 38500:2008 Corporate Governance of information technology in May 2008, largely unchanged.
The standard for the Governance of IT provides a framework through which "Directors", those to whom they turn to for advice or those to whom they delegate responsibilities for managing the operations of the organisation, such as Senior managers, technical specialists, vendors and service providers, can understand their obligations and work more effectively to maximise the return and minimise the cost of using ICT in their organisations.
- Positioning the IT Governance Standard
- "Finally IT Governance will be recognised as a standard. We already had a series of ISO standards for various IT Governance domains such as IT Service Management ISO 20000, Security Management ISO 27001, and Quality ISO 9000, but recently the international organization recognized that a new standard would be well accepted." - IT Governance, finally a worldwide recognition: ISO 38500 (Sergethorn Blogspon 29 April, 2008)
- "My initial reaction to the ISO 38500 announcement is that it is targeted to the Boards of Directors and guides how they judge the IT organization while Val IT represents guidance to the CIO organization about the processes they put in place to demonstrate their performance to the Boards of Directors." - ISO IEC 38500 > and Val IT(IBM Blog 08/06/16)
- "IT is also a significant enabler in the future business plans of many organizations. ISO/IEC 38500:2008 will help the governing body to evaluate, direct and monitor the use of IT," Coallier said. - ISO/IEC 38500 Standard Covers Corporate Governance of Information Tech (electronics.ihs.comJune 18, 2008)
- "This new standard is the very first official statement that is made on the definition and specification of IT Governance and will probably have significant influence on the organization of the information management function." - New ISO standard for IT Governance: ISO/IEC 38500 ( 7. maj, 2008)
- "Because inadequate information technology (IT) systems can hinder the performance and competitiveness of organizations or expose them to the risk of not complying with legislation, the new ISO/IEC 38500..." -
ISO/IEC Standard Published for Governance of Information Technology (egov.vic.gov.au 12 June 2008)
- "Then again, it's just another ISO standard. I will read it before passing judgement...or sitting for my 'black belt.'" We Want to Believe...But (www.drunkendata.comJune 17th, 2008)
- "An interesting napkin fact - nearly a third of IPOs over the past 12 months were for businesses that are solely technology company (i.e., they are not making a widget in a factory but have digital assets and such services)....It is a total of 16 pages, so an astonishingly short read for such an important subject. Similar to how BS 7799 became ISO 17799...AS8015-2005" - Greater Guidance and IT Governance with ISO 38500 (www.itcomplianceandcontrols.com June 24th, 2008)
- "Global understanding of governance concepts and practices has also progressed since COBIT 4.1 was
released in 2007, with increased focus on the enterprise governance of IT with the release of ISO
38500:2008, Corporate Governance of Information Technology, and other legislation and codes of practice
such as KING III in South Africa, the first national corporate governance code to specifically mandate IT
governance." - COBIT® 5 Design (Exposure Draft) March 2010(ISACA)
