Guideline 1. ICT governance framework

Submitted by Anonymous (not verified) on

The institution defines a single, integrated framework for ICT governance that establishes responsibilities and duties at the highest levels.

The framework fosters the application of the ISSA Guidelines on Good Governance and ICT-related principles as defined in international standards.

Guideline code
ICT_00300
Mechanism
Mechanism
  • The board, with the assistance of the management, should issue a policy statement on the adoption of an ICT governance framework for the institution which establishes the main principles and governance approach. The framework should:
    • Follow the principles of Responsibility, Strategy, Acquisition, Performance, Conformance and Human Behaviour, as defined in ISO/IEC 38500;
    • Cover the institution in its entirety, integrating the governance of ICT into the institution’s general governance and covering all relevant functions and processes;
    • Enable transformation of the institution’s mission into an actionable strategy, by translating the institution’s high-level goals into manageable, specific, ICT-related goals and mapping these to concrete processes and practices.
  • The management and the ICT unit, with the assistance of specialized units where applicable, should elaborate an ICT governance framework, establishing:
    • Responsibilities and duties at the highest levels, to:
      • Evaluate the current and future use of ICT, especially on innovative social programmes;
      • Direct preparation and implementation of plans and policies to ensure that use of ICT meets institutional objectives;
      • Monitor conformance to policies, and performance against plans;
    • Internal rules and regulations to foster the application of the above principles as well as others specific to the institution.
  • The board should validate and communicate the ICT governance framework throughout the institution.
Parent
A. Governance and Management
Structure
Structure
  • The board, with the assistance of the management and the ICT unit, should establish an ICT governance framework.
  • The ICT governance framework should be consistent with the institution’s mission and governance structures.
  • The ICT governance framework should follow the ISSA Guidelines on Good Governance, as well as international standards and practices on ICT (e.g. ISO/IEC 38500 and COBIT®).

Tags

Title HTML
Guideline 1. ICT governance framework
Type
Guideline_1
Weight
6