ISO/IEC 38500-2008

No Duty of Care

Leveraging ICT

ICT Roles & Responsibilities

Positioning Standards

Governance Instruments

The Club

Aust Access Card

Not for Profits

Strategic Planning

Application of AS8015 Model

Website PIs

AS8015-2005

ICT in Board Room

Governance of ICT

ICT Dispute Mediation

Service Delivery over Internet

Submission to Broadcasting Enquiry

Build or Buy?

Legal & Social Issues of E-Commerce

Submission Australian Strategy for Information Economy

Intranets

Outsourcing Internet Services

Books

Cover of Frameworks for IT Management

Frameworks for IT Management

Frameworks Pocket Guide in English & Dutch

Frameworks (Japanese)

Frameworks ( German)

Illustration of Corporate Governance of ICT by Joel TarlingAustralian Standard for Corporate Governance of Information and Communication Technology AS8015-2005

A popular enthusiasm for new technology, has made the objective evaluation of Information and Communication Technology (ICT) difficult. Audit reports into government projects, academic studies and ongoing media coverage (1) demonstrated that the approach to ICT wasn't satisfactory.

While significant financial and organisational investments were made, many ICT projects ended in failure and returned very little to the enterprise.

The use of ICT has become intrinsic to business operations and vital to the well being of organisations. Increasingly, customers and suppliers expect to do business over the Internet. As new business practices continue to be driven by developments in ICT, the threats and opportunities it offers to organisations need to be monitored and managed effectively.

Work which was to lead to the publication of AS8015 - 2005 Australian Standard for Corporate Governance of ICT commencd in 2002. The dot.com bubble had burst in 2000 and household names such as HIH, Ansett One.Tel, Enron and Worldcom had failed.

AS8015-2005, was published in January 2005. It is a brief and concise, 12 page guide to effectively governing the use of ICT. This standard positions the governance of Information and Communication Technology, within organisations, a Corporate Governance function.

"Corporate Governance of Information and Communication Technology (ICT) is the system by which the current and future use of ICT is directed and controlled. It involves evaluating and directing the plans for the use of ICT to support the organization and monitoring this use to achieve plans. It includes the strategy and policies for using ICT within an organization." - AS8015:2005

The AS8015 framework provides a model, vocabulary and six Principles for Good Governance of ICT

  1. Establish Clearly Understood Responsibilities for ICT
  2. Plan ICT to best support the organisation
  3. Acquire ICT validly
  4. Ensure that ICT performs well, whenever required
  5. Ensure ICT conforms with formal rules
  6. Ensure ICT respects human factors

The standard provides a framework for "Directors", those to whom they turn to for advice or those to whom they delegate responsibilities for managing the Security, Finances, IT strategy and operations of the organisation, such as Senior managers, technical specialists, vendors and service providers, to meet their obligations for the use of ICT in their organisations.

Relation to other Standards

AS8015 provides a context for existing management methodologies - specifically identifying four standards ISO 27000 (security management), ISO 9000(quality management), ISO 20000(service management) and AS4360 (Risk Management). It also identifies areas of Legislation which affects the ICT may be used - such as record keeping, trade practices, intellectual property and privacy.

Internationalisation

AS8015 was submitted for fast-track ISO adoption and published, largely unchanged, as ISO/IEC 38500:2008 Corporate governance of information technology in May 2008.

Project and Operations Governance Standards

The AS8015 model categorises ICT activities into projects and operations - A Draft standard for "Corporate governance of projects involving information technology investments" was issued for public comment in August 2008.

Interim Australian/New Zealand StandardTM Corporate governance of projects involving information technology investments AS/NZS 8016(Int):2010 Expires 18 February 2012 Download Free Preview

Our Involvement

Ramin Communication's principal consultant, Marghanita da Cruz, joined the Standards Australia IT Governance working group in 2002. Marghanita instigated and co-ordinated market research to position and scope the work of the group. Between 2003 and 2006, Marghanita represented the Australian Computer Society (ACS) on the Standards Australia IT-030 ICT Governance and Management Committee. Marghanita established the ACS's Governance of ICT committee in 2003, and chaired it until 2006. In 2004, with the support of the ACS, Marghanita presented a series of seminars, to socialise and seek feedback on the draft standard for corporate governance of information and communication technology.

In 2005, Marghanita established the ICT Governance Forum online discussion list.

In 2006, Marghanita wrote the chapter on the Australian Standard for Cover of Frameworks for IT ManagementFrameworks for IT Management. Frameworks for IT Management, including the chapter on AS8015 is available on Google Books and is also available in Japanese, German and Chinese and as a Pocket Guide in English and Dutch.

Interview with GRC-ME (May 2010)

Further Reading

Contact for More Information

Ramin Communications provides ICT Management Services including Guidance on Governance of ICT Projects, Staff Training and Mentoring on Governance in projects and the operation of ICT, Planning and Business Analysis. Our Principal Consultant, Marghanita da Cruz, has over 30 years of experience in implementing and managing ICT in Government, Education, Corporates, Small Business and the community.

Contact: Marghanita da Cruz
E-mail: marghanita@ramin.com.au
Telephone: (+61) 0414 869 202
Post: PO Box 341 Annandale NSW Australia 2038
Website: ramin.com.au

Enquiries Form