Entry: ISO/IEC 38500
Definition

  1. History

     Updates to the standard 

  2. The standard

  3. See also

  4. References

ISO/IEC 38500 is an international standard for corporate governance of information technology published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It provides a framework for effective governance of IT to assist those at the highest level of organizations to understand and fulfill their legal, regulatory, and ethical obligations in respect of their organizations’ use of IT. The standard is heavily based on the AS 8015-2005 Australian Standard for Corporate Governance of Information and Communication Technology, originally published in January 2005.[1][2]

History

The introduction of AS 8015 in 2005 brought about the first standard "to describe governance of IT without resorting to descriptions of management systems and processes."[3] The 12-page document stood out and attracted the attention of the international community. The ISO/IEC technical committee JTC 1 reached out to Standards Australia, the group that pushed AS 8015 forward, and asked them to participate in the international adaptation process.[4] A study group (WG25) was set up with individuals from all around the world participating, including co-chair Ed Lewis from Standards Australia.[5] On February 1, 2007, the ISO/IEC published the first draft international standard (DIS) of the revised AS 8015 as ISO/IEC DIS 29382.[6] The DIS then received "fast-track" status in July 2007[5] (meaning the draft standard could then be submitted for approval as an ISO standard[7]), revisions of the document were made in September 2007, and the final disposition of comments was completed in January 2008, resulting in the standard being sent to the ISO/IEC Information Technology Task Force for international standards processing.[8]

Shortly before final approval of the standard, in either April[9][10] or May 2008[11] depending on the source, the ISO/IEC chose to rename the document ISO/IEC 38500. The final version was published on June 1 as ISO/IEC 38500:2008.[11][12]

Updates to the standard

On February 12, 2015, the ISO/IEC updated the standard to 38500:2015. Standards Australia described the changes as such:[13]

With the evolution of thinking in the field of IT governance, ISO/IEC 38500 was revised in 2015. The main changes include the title of the standard, from Corporate Governance of IT to Governance of IT for the Organization, which reflects the wider applicability of the standard. Terminology and definitions have also been updated and refined throughout the document to reflect the widened scope and to make the standard more applicable across different international jurisdictions, cultures and languages.

In a February 2015 article submitted to Communications of the ACM, Juiz and Toomey (involved in the development process) highlighted this "wider applicability":[3]

In the ISO/IEC 38500 model, the governing body is a generic entity (the individual or group of individuals) responsible and accountable for performance and conformance (through control) of the organization. While ISO/IEC 38500 makes clear the role of the governing body, it also allows that such delegation could result in a subsidiary entity giving more focused attention to the tasks in governance of IT (such as creation of a board committee). It also includes delegation of detail to management, as in finance and human resources. There is an implicit expectation that the governing body will require management establish systems to plan, build, and run the IT-enabled organization.

The standard

ISO/IEC 38500 is applicable to organizations of all sizes, including public and private companies, government entities, and not-for-profit organizations. This standard provides guiding principles for directors of organizations on the effective, efficient, and acceptable use of Information Technology (IT) within their organizations. It is organized into three prime sections: Scope, Framework and Guidance.[1][3]

The framework comprises definitions, principles and a model. It sets out six principles for good corporate governance of IT:[1][3]

  • Responsibility
  • Strategy
  • Acquisition
  • Performance
  • Conformance
  • Human behavior

It also provides guidance to those advising, informing, or assisting directors.

See also

  • AS 8015
  • Corporate governance of information technology
  • Data governance
  • ISO/IEC JTC 1/SC 40
  • SFIA definition of IT Governance skill: https://www.sfia-online.org/en/sfia-6/skills/strategy-architecture/information-strategy/it-governance

References

1. Smallwood, R.F. (2014). "Chapter 10: Information Governance and Information Technology Functions". Information Governance: Concepts, Strategies, and Best Practices. John Wiley & Sons, Inc. pp. 189–206. ISBN 9781118421017. https://books.google.com/books?id=m5U6AwAAQBAJ&pg=PT199. Accessed 23 June 2016.
2. Toomey, M. (20 November 2008). "A Significant Achievement" (PDF). The Informatics Letter. Infonomics Pty Ltd. http://www.infonomics.com.au/Web%20Content/Documents/The_Infonomics_Letter_Special_Edition_Nov_2008.pdf. Accessed 23 June 2016.
3. Juiz, C.; Toomey, M. (2015). "To Govern IT, or Not to Govern IT?". Communications of the ACM. 58 (2): 58–64. doi:10.1145/2656385.
4. McKay, A. (2007). "Australia leads the world on ICT governance" (PDF). Up. 8 (Summer 2007): 3. http://www.icsid.org/smallbox4/file.php?sb47dec3c68a502. Accessed 23 June 2016.
5. Feltus, C. (21 July 2010). "ISO/IEC 29382 - The new standard for ICT governance". SlideShare. LinkedIn Corporation. pp. 8–10. http://www.slideshare.net/feltus/iso-iec-29382-the-new-standard-for-ict-governance-christophe-feltus. Accessed 23 June 2016.
6. "ISO/IEC DIS 29382: 2007 Edition, February 1, 2007". IHS Standards Store. IHS, Inc. https://global.ihs.com/doc_detail.cfm?&item_s_key=00490704. Archived at https://web.archive.org/web/20160623191716/https://global.ihs.com/doc_detail.cfm?&item_s_key=00490704 on 23 June 2016. Accessed 23 June 2016.
7. Jones, B. (29 January 2007). "Explanation of the ISO 'Fast-Track' process". Microsoft Developer Network Blog. Microsoft. https://blogs.msdn.microsoft.com/brian_jones/2007/01/29/explanation-of-the-iso-fast-track-process/. Accessed 23 June 2016.
8. "JTC1/SC7 List of Documents: N3851 - N3900". ISO/IEC. 18 January 2008. http://jtc1-sc7.logti.etsmtl.ca/N3851-N3900.html. Archived at https://web.archive.org/web/20160623193343/http://jtc1-sc7.logti.etsmtl.ca/N3851-N3900.html on 23 June 2016. Accessed 23 June 2016.
9. "IT Governance and The International Standard, ISO/IEC 38500". IT Governance. IT Governance Ltd. http://www.itgovernance.in/t-itgovernanceandisoiec38500.aspx. Accessed 23 June 2016.
10. "ISO 38500 IT Governance Standard". 38500.org. 2008. http://www.38500.org/. Accessed 23 June 2016.
11. Garcia-Menendez, M. (1 June 2009). "ISO/IEC 38500:2008. Un año difundiendo el concepto de ‘Buen Gobierno Corporativo de las TIC’". Gobernanza de TI. https://gobernanza.wordpress.com/2009/06/01/isoiec-385002008-un-ano-difundiendo-el-concepto-de-buen-gobierno-corporativo-de-las-tic/. Accessed 23 June 2016.
12. "ISO/IEC 38500:2008". ISO. http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=51639. Accessed 23 June 2016.
13. "2015 Edition of ISO/IEC 38500 Published" (PDF). Standards Australia. 23 March 2015. http://www.standards.org.au/OurOrganisation/News/Documents/SA%20Media%20Release%20March%202015%20-%20%20ISO%20IEC%2038500-2015.pdf. Accessed 23 June 2016.