TQMC has acquired wide Domain Knowledge and Experience. You can FREELY access it here and here

DISCLAIMER: This matter here is a guide only. For authentic and up-to-date information, please contact TQMC.

The DIRECTIVES and STANDARDS listed here may have been subsequently REVISED . You must refer to the CURRENT REVISION and AMENDMENTS if any.

Friday, June 18, 2010

IT Governance = ISO 38500

ISO38500 - ISO 38500 - International Standard for Corporate Governance of IT (IT Governance) - ISO/IEC 38500

ISO38500, the international standard for the corporate governance of information technology has now been published.

ISO/IEC 38500 draws upon a number of sources, chief of which is AS 8015:2005, which defines six principles (establish responsibilities, plan to best support the organization, acquire validly, ensure performance when required, ensure comformance with rules, ensure respect for human factors).

ISO/IEC 29382, Corporate Governance of Information and Communication Technology, was first published early in 2007 as a fast track candidate from the existing Australian standard AS8015. It was officially re-named ISO/IEC 38500 in April 2008. As is usual with international standards, it is intended to provide guiding principles to any organization, regardless of size or sector.

ISO/IEC 38500 is available in two formats: hardcopy and immediate download.

There is also a handy, downloadable pocket guide to the standard.

If you would like us to notify you with emerging information about ISO/IEC 38500, including details of training and implementation guidance, please leave your email address here:


ISO 38500 abstract from ISO Website:

ISO/IEC 38500:2008 provides guiding principles for directors of organizations (including owners, board members, directors, partners, senior executives, or similar) on the effective, efficient, and acceptable use of Information Technology (IT) within their organizations.

ISO/IEC 38500:2008 applies to the governance of management processes (and decisions) relating to the information and communication services used by an organization. These processes could be controlled by IT specialists within the organization or external service providers, or by business units within the organization.

It also provides guidance to those advising, informing, or assisting directors.

They include:
  • senior managers;
  • members of groups monitoring the resources within the organization;
  • external business or technical specialists, such as legal or accounting specialists, retail associations, or professional bodies;
  • vendors of hardware, software, communications and other IT products;
  • internal and external service providers (including consultants);
  • IT auditors.

Implementing ISO/IEC 38500 IT Governance - the Calder-Moir Framework 

While the IT governance standard is a brilliantly short and straightforward international standard, actual implementation of an IT governance framework can be challenging. The Calder-Moir IT Governance Framework evolved alongside the evolution of the international standard, as a conceptual approach to help organisations visualise effective IT governance, drawing on and integrating the wide range of IT management tools and systems that exist in the world today.

The effectiveness of the Calder-Moir Framework as a unifying approach to IT governance and management is exemplified by the IT Governance Framework Toolkit, a product that now reflects ISO/IEC 38500 and provides practical, detailed tools and guidance for implementing IT governance in your organisation.

Read IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT for practical guidance on how to implement an IT Governance framework based on ISO 38500 in your own organisation.


No comments:

Post a Comment