AS 8015-2005: Australian Standard for Corporate Governance of Information and Communication Technology is a technical standard developed by Standards Australia Committee IT-030 and published in January 2005. The standard provides principles, a model and vocabulary as a basic framework for implementing effective corporate governance of information and communication technology (ICT) within any organization.[1][2] The standard was the first "to describe governance of IT without resorting to descriptions of management systems and processes."[3] AS 8105 later became the catalyst and main infrastructure for the creation of the international ISO/IEC 38500:2008 Information technology — Governance of IT for the organization standard.[4][5]

History

edit

The collapse of the Dot-com bubble into the early 2000s brought about demands for greater corporate disclosure and accountability. The costly failure of many information technology (IT) initiatives caused many to point fingers at poor corporate and information governance.[1] One location where the call for the development of new IT management and governance standards was answered was within non-government standards development body Standards Australia. An IT Management and Governance working group called IT-030 was announced in July 2002[6][failed verificationsee discussion] and fully formed in August.[7][failed verificationsee discussion] The committee which drafted and recommended the publication included representatives from over 30 organizations, including the Australian Computer Society, Australian Bankers Association, Australian Institute of Company Directors, and Australia's Department of Defence.[1] One of IT-030's first substantial meetings was held in Sydney September 24–26 with the goal of using a qualitative survey to gauge interest in developing a full standard.[8][9] Those insights were discussed at a follow-up meeting in Canberra on September 30, agreeing that the "'Governance of Information and Communications Technologies' would be a more accurate reflection of the emerging scope of the standard."[9] By late January 2003, draft documents of the standard began to appear.[10] By September 2004, the draft standard was being presented at the 2004 Australian Computer Society National Conference in Melbourne, and submitted comments were being resolved, with an eye on a late 2004 publication.[11][12] The final version was published in January 2005.[1]

The standard

edit

The 12-page standard places responsibility for ICT firmly within the hands of the organization, and "[i]t involves evaluating and directing the plans for the use of ICT to support the organization and monitoring this use to achieve plans."[12] It features six main principles of quality governance of ICT:[1][12]

  1. Clearly delineate responsibilities for ICT.
  2. Carefully plan ICT to best support the organization.
  3. Ensure the acquisition of ICT is valid.
  4. Ensure implemented ICT performs as expected, if not better, when needed.
  5. Verify that ICT conforms to a set of formal rules.
  6. Ensure ICT respects human factors.

It also includes a model demonstrating how directors should monitor and evaluate how their organization is using ICT in response to the pressures and demands being placed on the company. The standard also lays out vocabulary that helps unify other previous standards with AS 8015.[1]

As one of the first standards to lay out IT governance so simply, AS 8015 strongly influenced the development of ISO/IEC 38500:2008 Information technology — Governance of IT for the organization, an international standard that went on to make "a clear distinction between governance and management."[4][5]

See also

edit

References

edit
  1. ^ a b c d e f da Cruz, M. (2006). "10: AS 8015-2005 - Australian Standard for Corporate Governance of ICT". In van Bon, J.; Verheijen, T. (eds.). Frameworks for IT Management. Van Haren Publishing. pp. 95–102. ISBN 9789077212905. Retrieved 23 June 2016.
  2. ^ McKay, A. (2007). "Australia leads the world on ICT governance". Up. 8 (Summer 2007): 3. Archived from the original (PDF) on 11 September 2009. Retrieved 23 June 2016.
  3. ^ Juiz, C.; Toomey, M. (2015). "To Govern IT, or Not to Govern IT?". Communications of the ACM. 58 (2): 58–64. doi:10.1145/2656385. S2CID 34086325.
  4. ^ a b Smallwood, R.F. (2014). "Chapter 10: Information Governance and Information Technology Functions". Information Governance: Concepts, Strategies, and Best Practices. John Wiley & Sons, Inc. pp. 189–206. ISBN 9781118421017. Retrieved 23 June 2016.
  5. ^ a b Toomey, Mark (20 November 2008). "A Significant Achievement" (PDF). The Infonomics Letter. Infonomics Pty Ltd. Archived from the original (PDF) on 15 August 2016. Retrieved 23 June 2016.
  6. ^ Mills, Kelly (18 July 2002). "National guidelines for IT on their way". IT World Canada. IT World Canada, Inc. Archived from the original on 23 June 2016. Retrieved 23 June 2016.
  7. ^ "Fact Sheet - IT Management and Governance (Z0001)". Standards Australia. 13 August 2002. Archived from the original on 1 July 2005. Retrieved 23 June 2016.
  8. ^ "IT-030 ICT Governance and Management". Standards Australia. Archived from the original on 1 July 2005. Retrieved 23 June 2016.
  9. ^ a b da Cruz, Marghanita. "Market Research into perceptions about the governance of Information and Communication Technologies". Ramin Communications. Archived from the original on 25 August 2023. Retrieved 25 August 2023.
  10. ^ "IT-030 Archived Documents". Standards Australia. Archived from the original on 24 August 2006. Retrieved 23 June 2016.
  11. ^ da Cruz, Marghanita (2004). "Draft Australian Standard for the Corporate Governance of ICT". Ramin Communications. Archived from the original on 25 August 2023. Retrieved 25 August 2023.
  12. ^ a b c da Cruz, Marghanita. "AS 8015 (2005) - Australian Standard for Corporate Governance of ICT". Ramin Communications. Archived from the original on 25 August 2023. Retrieved 25 August 2023.
edit