Information technology - Governance of IT - Application of ISO/IEC 38500 to the governance of IT enabled investments

CSA Group
Standards Development Organisation:
Canadian Standards Association (operating as CSA Group)
Working Program:
View the CSA work program
Designation Number:
ISO/IEC 38506
Standard Type:
National Standard of Canada - Adoption of International Standard
Standard Development Activity:
New Standard
ICS code(s):
35.020
Status:
Proceeding to development
SDO Comment Period Start Date:
SDO Comment Period End Date:
Posted On:

Scope:

This document provides guidance on governance of IT enabled investments to the governing body of all forms of organizations, whether private, public or government entities, and will equally apply regardless of the size of the organization or its industry or sector. The terms business and business outcome throughout this document include all forms of organization covered by this document.

The document also provides guidance to other parties interacting with governing bodies such as project personnel, accountants, management consultants, investment portfolio managers and governance support staff.

IT enabled investments within the scope of this document could be investments of any scale from acquiring businesses to any business change incorporating IT, building new business services or addressing effectiveness and efficiency gains in IT operational services to gain competitive edge, whether those services are internal or provided by external parties.

Resource allocation for strategic innovation is addressed by providing guidance to the governing body’s decision for investment resource allocation between short-, medium- and long-term innovation projects.

This document also provides guidance that can be applied in the due diligence process related to

business acquisitions. This document may provide guidance on the application of the principles documented in ISO/IEC 38500 for ranking IT enabled investments including assessing the value and risks of IT elements in the context of investment banking or as performed by investment companies.

This document does not prescribe or define specific management practices required for IT enabled investments.

ISO/IEC TS 38501 contains guidance on the implementation arrangement for the effective governance of IT in general. The constructs in ISO/IEC TS 38501 can help to identify internal and external factors relating to the governance of IT and to define beneficial outcomes and identify evidence of success.

ISO/IEC TR 38502 contains guidance on the integration between the governing body and management of an organization in general.

This document is written in accordance with the principles of ISO/IEC TR 38504:2016.

Project need:

To align Canadian requirements with those of the respective international standards being proposed for adoption. To maintain alignment between Canadian information and communication technology standards and each respective international standard.

Note: The information provided above was obtained by the Standards Council of Canada (SCC) and is provided as part of a centralized, transparent notification system for new standards development. The system allows SCC-accredited Standards Development Organizations (SDOs), and members of the public, to be informed of new work in Canadian standards development, and allows SCC-accredited SDOs to identify and resolve potential duplication of standards and effort.

Individual SDOs are responsible for the content and accuracy of the information presented here. The text is presented in the language in which it was provided to SCC.