Frameworks for

IT Management
A P O C K E T G U I D E

A publication of itSMF International

 Colophon
Title: Frameworks for IT Management - A Pocket Guide

A publication of: itSMF International

Authors & editors: Eric Rozemeijer (lead author, Quint Wellington

Redwood)
Jan van Bon (chief editor ITSM Library, Inform-IT)
Tieneke Verheijen (editor, Inform-IT)

Publisher: Van Haren Publishing, Zaltbommel, www.vanharen.net,

for itSMF International

ISBN(13): 987 90 8753 087 7

Edition: First edition, first impression, September 2007

Design & Layout: CO2 Premedia, Amersfoort – NL

Printer: Wilco, Amersfoort – NL

©itSMF International 2007

All rights reserved. No part of this publication may be reproduced in any form by print,
photo print, microfilm or any other means without written permission by the publisher.
Although this publication has been composed with much care, neither author, nor
editor, nor publisher can accept any liability for damage caused by possible errors and/or
incompleteness in this publication.

TRADEMARK NOTICES
PRINCE2™, M_o_R® and ITIL® are Registered Trade Marks and Registered
Community Trade Marks of the Office of Government Commerce, and are Registered
in the U.S. Patent and Trademark Office.
COBIT® is a registered trademark of the Information Systems Audit and Control
Association (ISACA)/IT Governance Institute (ITGI).
The PMBoK® is a registered trademark of the Project Management Institute (PMI).
eTOM® is a registered trademark of the TeleManagement Forum.

4 Frameworks for IT Management – A Pocket Guide

Foreword
IT managers today are confronted with an overwhelming number of
management frameworks, methods and methodologies – so many in fact
that sometimes it’s difficult to see the wood for the trees. Also, many IT
service providers believe they can’t be taken seriously if they don’t also offer
their own unique framework – which makes it even more difficult to find
your way through the framework forest.

In general, management frameworks focus on quality. Applying

standardized practices, and providing models that reflects these practices
in a comprehensive way, has been a valuable aid to business managers
for a long time. IT managers are no different. In addition, the field of
Information Technology has always been deeply involved with modeling,
simply because all development projects start with a model. Both factors
help explain why the IT discipline has so many frameworks on offer.

But how do you chose the right framework from this huge range? Or
maybe you need more then one, since they all tend to serve different
goals…? Should you create your own framework by recombining elements
from existing ones? Questions like these have been on the agenda of IT
managers for decades.

This itSMF publication covers the most important frameworks in use for
quality management in IT organizations. The descriptions are provided in
a neutral and objective way, so that readers can gain a better understanding
the potential value of each instrument. A consistent approach to each
chapter allows easy comparison between the frameworks: a short profile,
a description and core graphics, and the relevance to IT management are
provided for each framework.

This first edition of the frameworks pocket guide contains descriptions

of (in alphabetical order) AS 8015, ASL, BiSL, CMMI, COBIT, EFQM,

Frameworks for IT Management – A Pocket Guide 5

 eSCM-SP, eTOM, Generic Framework for Information Management,
IPMA Competence Baseline, ISO 15504, ISO 19770, ISO/IEC 20000,
ISO 27001, ISO 9000, ISPL, IT Balanced Scorecard, ITIL (V2 and V3),
M_o_R, MSP, PMBoK, PRINCE2, Six Sigma, TickIT, TOGAF, and
TQM, and is largely based on the introduction-level title “Frameworks for
IT Management” in the ITSM Library.

The frameworks are categorized according to their main goal, and each
framework is plotted against the largest and broadest ‘umbrella’ framework
available, the 3x3 matrix for Information Management. This categorization
should support the reader in finding the most suitable frameworks for their
situation.

New frameworks will be added to this pocket guide, when they attract the
attention of IT service managers, or grow in importance. This will make
the pocket guide a living document, reflecting the actual situation in the
field. The resulting frameworks pocket guide is a reliable and consistent
reference guide, whether it is used as a first introduction to frameworks you
haven’t seen before, or as a quick reference guide to the core information
on the frameworks you already know. In all cases the pocket guide should
provide a valuable information source for modern IT managers. We hope
it will support you in meeting the high demands of modern IT Service
Management.

Jan van Bon,

Chief Editor ITSM Library for itSMF International

6 Frameworks for IT Management – A Pocket Guide

19 AS 8015-2005 –
Australian Standard
for Corporate
Governance of IT
The Australian Standard Corporate Governance of Information and
Communication Technology (AS 8015-2005) provides a model, principles
and vocabulary to assist those seeking to implement effective governance of
the use of IT within their organizations.

19.1 Description and core graphics

AS 8015 Corporate Governance of Information and Communication
Technology provides a framework for effective governance of the use of IT
by an organization.

The standard defines corporate governance as the system by which entities

are directed and controlled; a director as a member of the most senior
governing body of an organization and an entity as a legally constituted
organization.

AS 8015 provides a prudent approach to investment in IT, an approach

which recognizes that there are risks associated with the operational and
planned use of IT and ensures these are managed effectively.

The standard provides guidance to directors to help them meet their

responsibilities in regard to IT and meet their obligations in relation to:
• privacy legislation
• record keeping
• financial reporting
• prudent management of organizational resources

Frameworks for IT Management – A Pocket Guide 87

 The standard uses the term ‘directors’ to include owners, members of
supervisory boards, partners, council members, senior executives, officers
authorized by Acts of Parliament - in short, anyone responsible for the
activities of an organization.

The framework described in AS 8015 comprises:

• a model
• guiding principles
• vocabulary

19.1.1 The model

Figure 13 reproduces the AS 8015 model. In the model, directors monitor
and evaluate the organization’s use of IT against the pressures and needs
acting on it. They should then direct the development and implementation
of policies and plans to address any gaps.

Corporate
Business Business
governance
pressures needs
of ICT

Evaluate

Direct Monitor
Proposals

conformance
Performance
policies
Plans

Business processes

ICT Projects ICT Operations

Figure 13 Model for corporate governance of IT (Source: AS 8015-2005 Australian Standard

for Corporate Governance of Information and Communication Technology, Standards Australia)

88 Frameworks for IT Management – A Pocket Guide

19.1.2 Guiding principles
The standard provides six guiding principles:
• establish clearly understood responsibilities for IT
• plan IT to best support the organization
• acquire IT validly
• ensure that IT performs well, whenever required
• ensure IT conforms with formal rules
• ensure IT respec ts human factors

19.1.3 Vocabulary
The third component of the standard is a vocabulary drawn from, and
complementing terms defined and used in, the other Australian Standards
for corporate governance and risk management.

19.2 Relevance to IT management

AS 8015 provides a governance framework in which the use of IT can be
managed and aligned to the organization’s priorities.

The basis of the framework is to establish a framework for informed

and timely decision-making on the use of IT, at the highest level of the
organization.

For this to happen, appropriate measures and mechanisms need to be

established for reporting and responding to the risks arising from the
current or planned use of IT.

Frameworks for IT Management – A Pocket Guide 89