Governance and Service Management in IT
-
TechReplubic
White papers, Artigos, Downloads, Fóruns, Blogs, Software. Por CNET Networks. See also BNET Business Network, ZDNet, CBS News Interactive. -
IT Business Edge - White Papers
Technology White Papers. Formerly Web Buyers Guide.
Corporate Governance
-
Corporate Governance
By Organisation for Economic Co-operation and Development (EOCD).
The OECD Principles of Corporate Governance, 2004, PDFs available for free download in many languages. Public Governance and Management.
Governance, Auditing and Service Management in IT
- ISACA
Serving IT Governance Professionals.
ISACA got its start in 1967, when a small group of individuals with similar jobs – auditing controls in the computer systems that were becoming increasingly critical to the operations of their organizations – sat down to discuss the need for a centralized source of information and guidance in the field. In 1969, the group formalized, incorporating as the EDP Auditors Association. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge and value of the IT governance and control field. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.
One of ISACA's strengths is its chapter network. ISACA has more than 175 chapters established in over 70 countries worldwide, and those chapters provide members education, resource sharing, advocacy, professional networking and a host of other benefits on a local level.
Certifications provided by ISACA: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT).
Val IT: governance framework and supporting publications addressing the governance of IT-enabled business investments. -
Wikipedia: Val IT
From Wikipedia, the free encyclopedia. Information Systems Audit and Control Association (ISACA). -
IT Service Management (ITSM)
From Wikipedia, the free encyclopedia. -
itSMF International - IT Service Management Forum
The IT Service Management Forum (itSMF) is the only internationally recognised and independent organisation dedicated to IT Service Management. itsmf.com. It is a not-for-profit organisation, wholly owned, and principally operated, by its membership. The itSMF is a major influence on, and contributor to, industry ”best practice“ and Standards worldwide, working in partnership with a wide range of governmental and standards bodies worldwide. Formed in the UK in 1991, there are now national chapters in an ever-increasing number of countries. -
IT Service CMM
The IT Service Capability Maturity Model (IT Service CMM) is a maturity growth model aimed at providers of IT services, such as management of hardware and software, operations, and software maintenance. The structure of the model is equal to that of the Software CMM, the contents of the IT Service CMM, however, are key process areas needed for mature IT service provision.
Currently hosted on Google Pages. -
Service Desk (ITSM)
From Wikipedia, the free encyclopedia. -
Help desk
From Wikipedia, the free encyclopedia.
SOA Governance
SOA governance is the combination of people, policies, and processes that an organization leverages to achieve the desired behavior in their Service-Oriented Architecture (SOA) adoption efforts.
-
Wikipedia: SOA Governance
From Wikipedia, the free encyclopedia. -
SOA Governance Refcard
By Todd Biske, Senior Enterprise Architect with over 15 years of experience in IT. Available on DZone Refcardz. This refcard provides Enterprise Architects, senior IT managers, and SOA program managers with an overview of the considerations, approaches, and technologies necessary for successful SOA governance. -
What is SOA governance?
A definition from Whatis.com. -
SOA Governance and Service Lifecycle Management by IBM
"SOA drives better business flexibility. SOA governance drives better business result." SOA governance is an extension of IT governance that focuses on the lifecycle of services and composite applications in an organization's service-oriented architecture (SOA).
The function of SOA governance is to: Establish decision rights for the development, deployment, and management of new services; Monitor and report decisions for communicating governance results.
SOA governance supplies the decision rights, processes, and policies for those activities. After a service is deployed, there must be management aspects in place to control and monitor the service.
The IBM SOA governance lifecycle expands the governance layer of the IBM SOA Foundation into manageable components. Actions needed to establish, maintain, and enhance an effective SOA Governance framework are depicted as a lifecycle consisting of four phases: plan, define, enable, and measure. -
WebLayers Resources on IT and SOA Governance
Fact Sheets, Product Brochures, White papers, Presentations, Podcasts, Webcasts, Videos. By WebLayers.
ISO 20000 - IT Service Management
ISO/IEC 20000 is the first international standard for IT Service Management. It is based on and is intended to supersede the earlier British Standard, BS 15000. ISO 20000, like its BS 15000 predecessor, was originally developed to reflect best practice guidance contained within the Information Technology Infrastructure Library (ITIL) framework, although it equally supports other IT service management approaches.
-
ISO 20000
From Wikipedia, the free encyclopedia. ISO/IEC 20000 is the first international standard for IT Service Management. It is based on and is intended to supersede the earlier British Standard, BS 15000. -
ISO/IEC 20000 - Information technology -- Service management
- ISO/IEC 20000-1:2011 - Part 1: Service management system requirements
- ISO/IEC 20000-2:2012 - Part 2: Guidance on the application of service management systems
- ISO/IEC 20000-3:2012 - Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1
- ISO/IEC TR 20000-4:2010 - Part 4: Process reference model
- ISO/IEC TR 20000-5:2013 - Part 5: Exemplar implementation plan for ISO/IEC 20000-1
- ISO/IEC TR 20000-10:2013 - Part 10: Concepts and terminology
-
ISO 20000 Central
ISO 20000 and ITIL.
ISO 20000 & ITIL
-
ITIL and ISO 20000
ISO 20000 does not offer specific advice on how to design your processes. It is rather a set of requirements which must be met in order to qualify for certification.
This is where ITIL comes into play: ITIL (especially version 3) is strongly aligned with ISO 20000 and offers a rather detailed collection of best practices. As a result, ITIL is a very good basis for developing ISO 20000 compliant processes. -
ISO 20000, BS15000 and ITIL
By Itil & ITSM World - The Itil and ITSM Directory.
ITIL - Information Technology Infrastructure Library
|
|
|
-
IT Infrastructure Library (ITIL)
ITIL (the IT Infrastructure Library) is the most widely accepted approach to IT service management in the world. ITIL provides a cohesive set of best practices, drawn from the public and private sectors internationally. It is supported by a comprehensive qualifications scheme.
The best practice processes promoted in ITIL support and are supported by the British Standards Institution's standard for IT service Management (BS15000).
Axelos. Formerly on Office of Government Commerce (OGC), UK. - Books:
ITIL 4
Also Service Management - ITIL 2011 Edition Publications.
Author: AXELOS Global Best Practice, formerly Office of Government Commerce (OGC), UK / Publisher: The Stationery Office (TSO). Publications in the suite: Service Strategy, Service Design, Service Transition, Service Operation, Continual Service Improvement.
The ITIL Books.
Service Management - ITIL Version 3, 2007 Edition, by Axelos. -
Information Technology Infrastructure Library (ITIL)
From Wikipedia, the free encyclopedia. -
Axelos - Global Best Practice
Formerly OGC Best Management Practice. AXELOS is a new joint venture company, created by the Cabinet Office on behalf of Her Majesty's Government (HMG) in the United Kingdom and Capita plc to run the Best Management Practice portfolio, including the ITIL and PRINCE2 professional standards. -
Pink Elephant - PinkVERIFY Certified ITIL Toolsets
ITIL v3 & ITIL 4. Since 1998, PinkVERIFY has been endorsed by the IT service management community as an internationally recognized ITSM tool suite assessment service. -
The Itil Community Forum
Topics, Downloads, FAQ, Feedback, Forums, Statistics, Surveys, Web Links. -
The ITIL Toolkit
ITIL and ITSM Made Easy. itil-toolkit.com. - ITIL Survival
CMM ITIL gaps: CMM is in so many ways similar to ITIL as well as in so many way different. -
American ITIL
By Chad Vander Veen, 27 July 2005, Government Technology.
COBIT - Control Objectives for Information and related Technology
-
CobiT
Published by IT Governance Institute (ITGI), Information Systems Audit and Control Association (ISACA), USA.
Obtain COBIT 4.1 (PDF download, requires free registration), 4.0 and 3rd Edition, available in English and other languages.
Comparing COBIT 4.1 and COBIT 5 - ISACA (PPT). How COBIT 4.1 changed from 4.0, COBIT Webcasts. -
Wikipedia: COBIT
From Wikipedia, the free encyclopedia. -
COBIT Open Guide
COBIT on-line guide. This website is an open initiative, often known as a wiki. It is intended to document COBIT in plain English, including implementation issues.
GRC - Governance, Risk, Compliance
GRC is a capability to reliably achieve objectives [GOVERNANCE] while addressing uncertainty [RISK MANAGEMENT] and acting with integrity [COMPLIANCE].
-- OCEG GRC Glossary-
Governance, Risk Management, and Compliance
From Wikipedia, the free encyclopedia. Governance, Risk, and Compliance (GRC). -
OCEG - Open Compliance and Ethics Group
"Integrating Governance, Risk Management, Compliance and Culture". OCEG is a nonprofit organization that uniquely helps organizations drive Principled Performance by enhancing corporate culture and integrating governance, risk management, and compliance processes via: guidelines and standards, community of practice, evaluation criteria and benchmarks.
GRC Capability Model (Red Book) (download requires free member registration). -
GRC Glossary (beta)
Open source definitions for the governance, assurance and management of performance, risk and compliance. -
What is GRC?
By Michael Rasmussen, Corporate Integrity.
Corporate Integrity's blog providing perspective on current issues and trends impacting GRC. - GRC 20/20
Michael Rasmussen, Chief GRC Pundit.
GRC Pundit Blog. -
Why I Hate the Term GRC
Por Paul Proctor, VP Distinguished Analyst, Gartner.
Risk Management
-
Wikipedia: Risk management
From Wikipedia, the free encyclopedia. -
Risk Management
Magazine, Reed Business Information, Australia. -
Enterprise Risk Management (ERM) Framework
By COSO - Committee of Sponsoring Organizations of the Treadway Commission. -
Enterprise Risk Management
Risk Management and Risk Assessment Guide, by IT Governance, UK. -
ISO/IEC 27000 series - ISO/IEC 27005 & BS 7799-3
BS 7799-3:2006 - Risk Management Guidelines.
See Security Standards. -
Risk Management Guide for Information Technology Systems (PDF)
NIST Special Publication 800-30, July 2002. Recommendations of the National Institute of Standards and Technology. By Gary Stoneburner, Alice Goguen, and Alexis Feringa. Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology (NIST), U.S. - SEI Risk Management
SEI Risk Statement: Overview, Paradigm, Principles, Products, Team Risk Management Overview, Risk and Mission Success, Publications, Presentations. By Software Engineering Institute (SEI), Carnegie Mellon University (CMU).
Risk Management Reference: Risk Management Guide for DoD Acquisition, Sixth Edition (Version 1.0) [PDF], U.S. Department of Defense, August 2006; ADA470492.
Continuous Risk Management Guidebook; Richard L. Murphy, Christopher J. Alberts, Ray C. Williams, Ronald P. Higuera, Audrey J. Dorofee, Julie A. Walker; 562 pp.; 1996, Carnegie-Mellon University.
Business Continuity Management (BCM) & BS ISO 22301 Standard
-
BS ISO 22301:2012 - Business continuity management systems --- Requirements
Societal security -- Business continuity management systems --- Requirements. Originated from BS 25999-2:2007. -
BS ISO 22313:2012
Societal security -- Business continuity management systems -- Guidance. Originated from BS 25999-1:2006. -
ISO 22301 Business Continuity Management
BSI Group.
Getting started with ISO 22301 Business Continuity Management. -
Business continuity planning
From Wikipedia, the free encyclopedia. - BCM Institute -
Business Continuity Management Institute
BCM Institute is a leading global Business Continuity (BC) and Disaster Recovery (DR) Institute, working specially on education and certification. BCM Institute promotes and develops the disciplines of Business Continuity Management (BCM) and Disaster Recovery Planning (DRP) for a variety of industries and clients around the world. - BCMpedia
BCMpedia. A Wiki Glossary for Business Continuity Management (BCM) and Disaster Recovery (DR).
Business Continuity Management (BCM).
Compliance
-
Regulatory compliance
From Wikipedia, the free encyclopedia. -
Compliance Online
Quality and compliance portal.