The growing extent of ICT application globally has motivated the development of standards and frameworks, notably by the International Organization for Standardization (ISO), Control Objectives for Information and Related Technology (COBIT®), IT Infrastructure Library® (ITIL®), Data Management International (DAMA), Organization for the Advancement of Structured Information Standards (OASIS), World Wide Web Consortium (W3C), Object Management Group (OMG), Dublin Core Metadata Initiative and Capability Maturity Model Integrated (CMM/CMMI). These standards and frameworks are generic and cover a very wide range of activities, and so are applicable in all kinds of business areas.
It is widely accepted that the starting point for adopting ICT governance practices and developing an institutional framework is the standard ISO/IEC 38500, which defines six high-level principles for “good corporate governance of IT” and focuses on the role of the board and its responsibility concerning ICT governance. However, this standard does not address specific governance and management processes, which are covered by other standards and practices.
COBIT®, a generic, process-based framework which is increasingly accepted internationally, covers overall ICT governance and management. ITIL® is an integrated set of best practice recommendations which focuses on managing the ICT service lifecycle in line with the requirements of the business. DAMA-DMBOK is a comprehensive guide which covers overall data management activities. Software application development has been addressed by CMM/CMMI, among others. In turn, OASIS, W3C, OMG and Dublin Core have focused on technical standards concerning interoperability, metadata and semantic and web-related technologies.
Information Technology Framework
Governance
- ICT Strategy and Planning
- Risk Management
- ICT Procurement
- Policy, Process and Procedures
- Performance Measurement
- ICT Resource Management
- Monitoring and Compliance
- ICT Sourcing Models
Emerging Trends and Technologies
- Social Media
- Smart Phones and Devices
- Bring-Your-Own-Device (BYOD)
- Cloud Computing
- Online Services
- Open Data
Business Systems and Applications
- Software Acquisition
- Software Design and Development
- Software Maintenance and Management
- Business Process Analysis
- Integration
- Software Scoping and Requirements Definition
- Testing and Implementation
- Change Management
- Version Control
Infrastructure and Technology
- Infrastructure and Architecture
- Virtualisation
- Capacity Management
- Communications and Network Management
- Data Storage
- IT Asset Management
- Systems Acquisition
- Systems Design and Development
IT Business Continuity
- Disaster Recovery
- Contingency Planning
- Backups
- Replication
- Redundancy
- Data Recovery
- Emergency Response
Security
- Access Management
- Authentication
- Audit
- Remote Access
- Incident Management, Reporting and Response
- Physical and Environmental Security
- Network and Communications Security
Project Management
- Initiation
- Planning
- Execution
- Reporting
- Monitoring and Controlling
- Closing
Recent Comments