Mark Toomey says Australian Standard AS 8015 is unique in recognizing that governance of IT is as much a demand problem as a supply problem
As Sir Peter Gershon — the architect of the UK Government's 2004 Spending Review — begins his independent review of the federal government's ICT management, Mark Toomey says the new government has a "fantastic opportunity" to make real savings if it understands strong governance is the key.
Toomey, founder of ICT governance specialists Infonomics and senior member of the Australian Computer Society (ACS), says the federal government should insist every department and agency implement highly effective corporate governance of IT from the top. And he says they should embrace both the Australian Standard AS 8015:2005 Corporate Governance of Information and Communication Technology — and the International Standard which improves on it — in order to do so.
The Australian Standard provides guiding principles for directors of organizations (including owners, board members, directors, partners, senior executives, or similar) on the effective, efficient, and acceptable use of ICT within their organization.
It applies to the governance of resources, computer-based or otherwise, used to provide information and communication services to an organization. These resources could be provided by ICT specialists, within the organization or external service providers, or by business units within the organization.
Toomey says 8015 is unique in recognizing that governance of IT is as much a demand problem as a supply problem, and that demand is driven by the business. He says the International Standards Organization, which adopted a slightly modified form of 8015 in November 2007, has followed that lead.
"The international standard continues the theme from 8015 that governance of IT is about supply and demand and improves on 8015 in a number of important areas. One of the most fundamental is that it's now very clear that it is trying to guide the behavior of an organization so as to guide the behavior of people in an organization about how they should set the agenda for, and make sure that they get the benefit out of, IT," Toomey says.
"It doesn't prescribe a process. There's plenty of process frameworks around that can be very useful: ITIL, CoBIT, ISO20000, 27000 — these things are all describing processes and frameworks for doing the supply-side management of IT — but 8015 and the ISO standard remain unique in saying that IT is the corporation's problem, not just the CIO's problem," he says.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.