AS 8015-2005: Australian Standard for Corporate Governance of Information and Communication Technology is a technical standard developed by Standards Australia Committee IT-030 and published in January 2005. The standard provides principles, a model and vocabulary as a basic framework for implementing effective corporate governance of information and communication technology (ICT) within any organization. The standard was the first "to describe governance of IT without resorting to descriptions of management systems and processes." AS 8105 later became the catalyst and main infrastructure for the creation of the international ISO/IEC 38500:2008 Information technology — Governance of IT for the organization standard.
Contents
History
The collapse of the Dot-com bubble into the early 2000s brought about demands for greater corporate disclosure and accountability. The costly failure of many information technology (IT) initiatives caused many to point fingers at poor corporate and information governance. One location where the call for the development of new IT management and governance standards was answered was within non-government standards development body Standards Australia. An IT Management and Governance working group called IT-030 was announced in July 2002 and fully formed in August. The committee which drafted and recommended the publication included representatives from over 30 organizations, including the Australian Computer Society, Australian Bankers Association, Australian Institute of Company Directors, and Australia's Department of Defence. One of IT-030's first substantial meetings was held in Sydney September 24–26 with the goal of using a qualitative survey to gauge interest in developing a full standard. Those insights were discussed at a follow-up meeting in Canberra on September 30, agreeing that the "'Governance of Information and Communications Technologies' would be a more accurate reflection of the emerging scope of the standard." By late January 2003, draft documents of the standard began to appear. By September 2004, the draft standard was being presented at the 2004 Australian Computer Society National Conference in Melbourne, and submitted comments were being resolved, with an eye on a late 2004 publication. The final version was published in January 2005.
The standard
The 12-page standard places responsibility for ICT firmly within the hands of the organization, and "[i]t involves evaluating and directing the plans for the use of ICT to support the organization and monitoring this use to achieve plans." It features six main principles of quality governance of ICT:
- Clearly delineate responsibilities for ICT.
- Carefully plan ICT to best support the organization.
- Ensure the acquisition of ICT is valid.
- Ensure implemented ICT performs as expected, if not better, when needed.
- Verify that ICT conforms to a set of formal rules.
- Ensure ICT respects human factors.
It also includes a model demonstrating how directors should monitor and evaluate how their organization is using ICT in response to the pressures and demands being placed on the company. The standard also lays out vocabulary that helps unify other previous standards with AS 8015.
As one of the first standards to lay out IT governance so simply, AS 8015 strongly influenced the development of ISO/IEC 38500:2008 Information technology — Governance of IT for the organization, an international standard that went on to make "a clear distinction between governance and management."