Corporate Governance of ICT
ICT governance is a term that has evolved out of use within the Australian government and formalised within the Australian standards community. The Australian Standard for Corporate Governance of Information and Communication Technology (ICT), AS8015, defines Corporate Governance of ICT as "The system by which the current and future use of ICT is directed and controlled. It involves evaluating and directing the plans for the use of ICT to support the organisation and monitoring this use to achieve plans. It includes the strategy and policies for using ICT within an organisation."
AS8015 was fast tracked for International adoption and published as the International Standard ISO/IEC 38500 Corporate Governance of Information Technology May 2008.
ICT is an umbrella term that includes any communication device or application, encompassing: radio, television, cellular phones, computer and network hardware and software, satellite systems and so on, as well as the various services and applications associated with them, such as videoconferencing and distance learning.
Definitions
AS8015 stepped away from the idea that IT or ICT Governance is something that occurs in the IT Department of an organisation but rather defines the governance of ICT as a responsibility of the Directors of an organisation, in the same way that other resources such as Human Resources and Finance are.
Background
The discipline of information and communications technology governance covers a particularly broad group of technologies of particular interest to governments and education bodies. ICT governance is not used within the business community which prefers to focus specifically on IT governance which is concerned with the management of resources strategic to business.
The primary goals for information technology governance are to (1) assure that the investments in IT generate business value, and (2) mitigate the risks that are associated with IT. This can be done by implementing an organizational structure with well-defined roles for the responsibility of information, business processes, applications, infrastructure, etc.
Decision rights are a key concern of IT governance, being the primary topic of the book by that name by Weill and Ross.[1] According to Weill and Ross, depending on the size, business scope, and IT maturity of an organization, either centralized, decentralized or federated models of responsibility for dealing with strategic IT matters are suggested. In this view, the well defined control of IT is the key to success.