ITGI provides guidance for effective adoption of the ISO/IEC IT governance standard
(11/06/2009)

Research by the non-profit, independent IT Governance Institute (ITGI) of more than 250 executives in 22 countries has found that in 71% of enterprises it is the senior executive who is now ultimately accountable for IT Governance. The research strongly supports the need for the recent IT governance standard released by the International Organization for Standardization (ISO) and marks the global recognition of the importance of IT governance. The standard is applicable to enterprises of all types and sizes.

When it comes to finding champions for IT governance, the ITGI research found that 55% came from within executive management and 45% from non-executive management. To help organizations adopt ISO/IEC 38500:2008, Corporate governance of information technology, the IT Governance Institute has released a free white paper. Titled ITGI Enables ISO/IEC 38500:2008 Adoption, the paper explains how the ITGI frameworks and research provide implementation support for use by executive and non-executive management that organizations can tailor to their specific needs.

“For effective adoption of the ISO/IEC IT governance standard, organizations need specific guidance depending on their size, risk tolerance, IT investments and culture,” said Paul Williams, Chair ISACA Strategy Group and IT Governance Adviser to Protiviti. “As an independent research organization designed to help organizations of all sizes and in all industries, ITGI provides free guidance that provides direct support to all enterprises that adopt this standard.”

The ITGI white paper outlines which specific framework processes and research publications support each of the six principles of the ISO/IEC standard—Responsibility, Strategy, Acquisition, Performance, Conformance and Human Behaviour. A chart provides clear identification of which publications and processes support which principle.

The good practices in the Control Objectives for Information and related Technology (COBIT) framework are a common approach to effective IT control. COBIT has been adopted globally as the de facto standard control model for implementing and demonstrating effective IT governance and management. Val IT, a newer framework based on COBIT, helps organizations optimise value from IT-enabled investments. Processes in both of these frameworks provide direct support for the ISO standard. Both frameworks are available as complimentary downloads.

“The significance of information and technology is evident in every aspect of business and public life, and the need to better manage IT investments and an increasing array of IT-related risks has never been greater,” said Williams. “The new ISO standard provides a much-needed focus on IT governance and will help organizations attain more value from their information technology.”
