The International Organization for Standards has produced a guideline for governance of information technology. It is a framework of principles for decision flows on: Responsibility, Strategy, Acquisition, Performance, Conformance, and Human Behavior that draws, as so many do, from the Australian Standards, in this case, AS 8015. (Where would IM be without Canada in the 80s-90s and Australia in the 90s-20s?)
As with any standard, the effort to interpret and achieve compliance must fit within the overall governance and operational context.
ISO/IEC 38500:2008 provides guiding principles for owners, board members, partners, senior officers and directors of organizations on the effective, efficient, and acceptable use of Information Technology (IT) within their organizations. The standard applies to the governance of management processes (and decisions) relating to the information and communication services used by an organization, processes which may be by IT specialists within the organization or external service providers, or by business units within the organization.
This standard should be considered in tandem with ISO 15489 and informed by the quality guidelines of ISO 9000:2001. Information and documentation - Records management. At IRM Strategies, we work with you to ensure a governance practice that fits well with compliance initiatives as well as the capacity building, so critical to future performance.
