ISO/IEC JTC 1/SC 40

ISO/IEC JTC 1/SC 40 IT Service Management and IT Governance is a standardization subcommittee of the Joint Technical Committee ISO/IEC JTC 1 of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO/IEC JTC 1/SC 40 develops and facilitates the development of international standards, technical reports, and technical specifications within the fields of IT service management and IT governance, with a focus in IT activity such as audit, digital forensics, governance, risk management, outsourcing, service operations and service maintenance.[1] The international secretariat of ISO/IEC JTC 1/SC 40 is Standards Australia (SA), located in Australia.[2]

History

ISO/IEC JTC 1/SC 40 was formed at the November 2013, 28th JTC 1 Plenary held in Perros-Guirec, France. The subcommittee was established via Resolution 21 from this meeting, and its scope, secretariat, and possible liaisons determined.[3] The new subcommittee combines the work of ISO/IEC JTC 1/WG 8 Governance of IT, ISO/IEC JTC 1/SC 7/WG 25 IT service management, and ISO/IEC JTC 1/SC 7/WG 27 IT enabled services/BPO (ITES/BPO).[1]

Scope

The scope of ISO/IEC JTC 1/SC 40 is:[3][4][5]

“Standardization of IT Service Management and IT Governance.”

Develop standards, tools, frameworks, best practices and related documents for IT Service Management and IT Governance, including areas of IT activity such as audit, digital forensics, governance, risk management, outsourcing, service operations and service maintenance, but excluding subject matter covered under the scope and existing work programs of JTC 1/SC 27 and JTC 1/SC 38.

The work will initially cover:

Collaborations

ISO/IEC JTC 1/SC 40 works in close collaboration with a number of other organizations or subcommittees, both internal and external to ISO or IEC, in order to avoid conflicting or duplicative work. Organizations internal to ISO or IEC that collaborate with or are in liaison to ISO/IEC JTC 1/SC 40 include:[6]

Member countries

Countries pay a fee to ISO to be members of subcommittees.[7]

As of January 2014 the 8 "P" (participating) members of ISO/IEC JTC 1/SC 40 are: Australia, Brazil, Finland, France, Luxembourg, Spain, Sweden, and United Kingdom[2]

As of January 2014 the 2 "O" (observing) members of ISO/IEC JTC 1/SC 40 are: Belgium and New Zealand

Standards

ISO/IEC JTC 1/SC 40 currently has two published standards and two published technical reports, as well as 11 standards or technical reports under development, within the field of IT service-management and IT governance. These include:[8][9]

ISO/IEC Standard Title Status Description
ISO/IEC 20000-1 Information technology – Service management – Part 1: Service management system requirements Published (2011) Specifies the requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain, and improve a service management system (SMS)[10]
ISO/IEC 20000-2 Information technology – Service management – Part 2: Guidance on the application of service management systems Published (2012) Provides guidance on the application of SMS based on the requirements of ISO/IEC 20000-1[11]
ISO/IEC TR 20000-5 Information technology – Service management – Part 5: Exemplar implementation plan for ISO/IEC 20000-1 Published (2013) Provides guidance on how to implement an SMS to fulfill the requirements of ISO/IEC 20000-1[12]
ISO/IEC TR 20000-10 Information technology – Service management – Part 10: Concepts and terminology Published (2013) Provides an overview of the concepts and terminology of ISO/IEC 20000 and establishes a common framework for helping organizations understand the purpose of the parts of ISO/IEC 20000 and the relationships between the parts[13]
ISO/IEC 30105-1[9] IT Enabled Services / Business Process Outsourcing Lifecycle Processes ITESBPO Standard Under development Part 1: Process Reference Model
ISO/IEC 30105-2[9] IT Enabled Services / Business Process Outsourcing Lifecycle Processes ITESBPO Standard Under development Part 2: Process Assessment Model
ISO/IEC 30105-3[9] IT Enabled Services / Business Process Outsourcing Lifecycle Processes ITESBPO Standard Under development Part 3: Process measurement framework and organization maturity model
ISO/IEC 30105-4[9] IT Enabled Services / Business Process Outsourcing Lifecycle Processes ITESBPO Standard Under development (NP) Part 4: Terms and concepts
ISO/IEC 30105-5[9] IT Enabled Services / Business Process Outsourcing Lifecycle Processes ITESBPO Standard Under development (NP) Part 5: Guidelines
ISO/IEC 30120 Information technology – Software Engineering - IT Audit – Audit guidelines that support the evaluation of the governance of IT Under development Provides guidance, including management of audit programs, conduct of audit, and competence and evaluation of auditors, on IT audit, allowing for efficient, effective, and acceptable use of IT[14]
ISO/IEC 30121 System and software engineering – Information technology – Governance of digital forensic risk framework Under development Provides a framework for governing bodies of organizations on the best way to prepare an organization for digital investigations, before they occur[15]
ISO/IEC 38500[16] Information Technology – governance of IT – For the Organization Under development
ISO/IEC TS 38501[17] Information Technology – Corporate Governance of IT Implementation Guide Under development
ISO/IEC TR 38502 Information technology – Governance of IT – Framework and model Under development Clarifies the distinction between the concepts of governance and management in respect to IT and provides a model illustrating between the two concepts, identifying the responsibilities associated with each[18]

See also

References

  1. 1.0 1.1 ANSI (2013-12-20). "ISO/IEC JTC 1 Holds 28th Plenary Meeting in France". Retrieved 2013-12-30.
  2. 2.0 2.1 ISO. "ISO/IEC JTC 1/SC 40". Retrieved 2013-12-30.
  3. 3.0 3.1 ISO/IEC JTC 1 (2013-11-13). "Resolutions Adopted at the 28th Meeting of ISO/IEC JTC 1, 4-9 November 2013 in Perros-Guirec, France". p. 8. Retrieved 2013-12-30.
  4. "ISO/IEC JTC 1/SC 40". Retrieved 2013-12-30. |chapter= ignored (help)
  5. IEC. "ISO/IEC JTC 1/SC 40 Scope". Retrieved 2013-12-30.
  6. "ISO/IEC JTC 1/SC 40". Retrieved 2013-12-30. |chapter= ignored (help)
  7. ISO (June 2012). "III. What Help Can I Get from the ISO Central Secretariat?". ISO Membership Manual. ISO. pp. 17–18. Retrieved 2013-07-12.
  8. ISO. "Standards Catalogue (Published): ISO/IEC JTC 1/SC 40". Retrieved 2013-12-30.
  9. 9.0 9.1 9.2 9.3 9.4 9.5 ISO. "Standards Catalogue (Under Development): ISO/IEC JTC 1/SC 40". Retrieved 2014-01-02.
  10. ISO (2011-04-12). "ISO/IEC 20000-1:2011" (2 ed.). Retrieved 2013-12-30.
  11. ISO (2012-02-14). "ISO/IEC 20000-2:2012" (2 ed.). Retrieved 2013-12-30.
  12. ISO (2013-10-30). "ISO/IEC TR 20000-5:2013" (2 ed.). Retrieved 2013-12-30.
  13. ISO (2013-10-30). "ISO/IEC TR 20000-10:2013" (1 ed.). Retrieved 2013-12-30.
  14. SPIL. "ISO/IEC 30120 WD1 Information technology – Software Engineering – IT Audit – Audit guidelines for Governance of IT". Retrieved 2014-01-02.
  15. SPIL. "ISO/IEC 30121 CD1 Information technology – Software Engineering – Governance of Digital Forensic Risk Framework". Retrieved 2014-01-02.
  16. ISO (2013-10-25). "ISO/IEC DIS 38500" (2 ed.). Retrieved 2014-01-06.
  17. ISO (2013-10-24). "ISO/IEC DTS 38501" (1 ed.). Retrieved 2014-01-06.
  18. SPIL. "ISO/IEC 38502 PDTR2 Governance of IT - Framework and Model". Retrieved 2014-01-02.

External links