Guidance for organizations adopting the ISO/IEC 38500
Published: February 23 2009, 09:00 AM, by Robert Stroud
IT governance has been gaining momentum for several years. In mid-2008 ISO released the first version of its standard for the corporate governance of information technology, ISO/IEC 38500:2008. ISO/IEC 38500 defines six principles for governance: responsibility, strategy, acquisition, performance, conformance and human behavior. As a principle-based standard, ISO/IEC 38500 gives no prescription. To execute, organizations will need specific guidance depending on their size, risk tolerance, IT investments and culture, and the ITGI has a number of publications, including COBIT, to assist you on this journey.
Almost daily I am getting questions on how the ITGI frameworks and other publications map to ISO 38500. You may be interested in a recently released white paper from the ITGI titled "ITGI Enables ISO/IEC 38500:2008 Adoption." The white paper is available as a free download from the ITGI website: http://www.isaca.org/Journal/Past-Issues/2009/Volume-3/Documents/jpdf0903-itgi-enables-iso-iec.pdf. I encourage you to take a few moments to read this paper.
By: Robert Stroud
Robert Stroud serves as VP and as Service Management, Cloud Computing and Governance Evangelist at CA Technologies. Robert also serves as an International vice president of ISACA, is part of the Framework committee and was the former chair of the COBIT Steering Committee. Robert also serves on the itSMF...