The recent IT governance standard released by the International Organisation for Standardisation (ISO) marks the global recognition of the importance of IT governance, and is applicable to enterprises of all types and sizes.
To help organisations adopt ISO/IEC 38500: 2008-Corporate governance of IT, ISACA's research affiliate: IT Governance Institute (ITGI), has released a free white paper, available at www.itgi.org. Titled: “ITGI Enables ISO/IEC 38500:2008 Adoption”, the paper explains how ITGI frameworks and research provide implementation support that organisations can tailor to their specific needs.
“For effective adoption of the ISO/IEC IT governance standard, organisations need specific guidance depending on their size, risk tolerance, IT investments and culture,” said Robert Stroud, international vice-president of ITGI. “As an independent research organisation designed to help organisations of all sizes and in all industries, ITGI provides free guidance that provides direct support to all enterprises that adopt this standard.”
The ITGI white paper outlines which specific framework processes and research publications support each of the six principles of the ISO/IEC standard - Responsibility, Strategy, Acquisition, Performance, Conformance and Human Behaviour. A chart provides clear identification of which publications and processes support which principle.
The good practices in the Control Objectives for Information and related Technology (COBIT) framework are a common approach to effective IT control. It has been adopted globally as the de facto standard control model for implementing and demonstrating effective IT governance and management. Val IT, a newer framework based on COBIT, helps organisations govern IT-enabled investments. Processes in both of these frameworks provide direct support for the ISO standard. Both frameworks are available as complimentary downloads from http://www.isaca.org/downloads or http://www.itgi.org.
“The significance of information and technology is evident in every aspect of business and public life, and the need to better manage IT investments and an increasing array of IT-related risks has never been greater,” said Stroud. “The new ISO standard provides a much-needed focus on IT governance and will help organisations attain more value from their information technology.”
Share
