Hyperlink: IT Management: Governance
Meta-Reference on Information Technology

Governance and Service Management in IT

• TechReplubic
  White papers, Artigos, Downloads, Fóruns, Blogs, Software. Por CNET Networks.

Corporate Governance

• Corporate Governance
  By Organisation for Economic Co-operation and Development (EOCD).
  Corporate Governance Principles - The OECD Principles of Corporate Governance, 2004, PDFs available for free download in many languages.

Governance and Service Management in IT

• IT Service Management (ITSM)
  From Wikipedia, the free encyclopedia.
• itSMF International - IT Service Management Forum
  The IT Service Management Forum (itSMF) is the only internationally recognised and independent organisation dedicated to IT Service Management. itsmf.com. It is a not-for-profit organisation, wholly owned, and principally operated, by its membership. The itSMF is a major influence on, and contributor to, industry ”best practice“ and Standards worldwide, working in partnership with a wide range of governmental and standards bodies worldwide. Formed in the UK in 1991, there are now national chapters in an ever-increasing number of countries.
• IT Service Capability Maturity Model
  The IT Service Capability Maturity Model (IT Service CMM) is a maturity growth model aimed at providers of IT services, such as management of hardware and software, operations, and software maintenance. The structure of the model is equal to that of the Software CMM, the contents of the IT Service CMM, however, are key process areas needed for mature IT service provision.
• Service Desk (ITSM)
  From Wikipedia, the free encyclopedia.
• Help desk
  From Wikipedia, the free encyclopedia.

ISO 20000 - IT Service Management

ISO/IEC 20000 is the first international standard for IT Service Management. It is based on and is intended to supersede the earlier British Standard, BS 15000. ISO 20000, like its BS 15000 predecessor, was originally developed to reflect best practice guidance contained within the Information Technology Infrastructure Library (ITIL) framework, although it equally supports other IT service management approaches.

• ISO 20000
  From Wikipedia, the free encyclopedia. ISO/IEC 20000 is the first international standard for IT Service Management. It is based on and is intended to supersede the earlier British Standard, BS 15000.
• ISO/IEC 20000 - Information technology - Service management
  ISO/IEC 20000-1:2005 - Part 1: Specification. ISO/IEC 20000-1:2005 - Part 2: Code of practice.
• ITIL, BS15000 & ISO 20000 User Group
  ITIL and ISO 20000 support portal.
• ISO 20000 Central
  ISO 20000 and ITIL.

ITIL - Information Technology Infrastructure Library

ITIL Version 3 - Books: The Official Introduction to ITIL Service Management Service Strategy Service Design Service Transition Service Operation Continual Service Improvement

ITIL Version 2 - Books: Introduction to ITIL Service Support Service Delivery Planning to Implement Service Management Security Management The Business Perspective (Volume 1 & 2) ICT Infrastructure Management Application Management Software Asset Management Small-Scale Implementation

• IT Infrastructure Library (ITIL)
  ITIL (the IT Infrastructure Library) is the most widely accepted approach to IT service management in the world. ITIL provides a cohesive set of best practices, drawn from the public and private sectors internationally. It is supported by a comprehensive qualifications scheme.
  The best practice processes promoted in ITIL support and are supported by the British Standards Institution's standard for IT service Management (BS15000).
  Office of Government Commerce (OGC), UK.
• ITIL Website
  By APM Group, UK.
• Books: ITIL Lifecycle Publication Suite
  Author: Office of Government Commerce (OGC), UK / Publisher: The Stationery Office (TSO). Publications in the suite: Service Strategy, Service Design, Service Transition, Service Operation, Continual Service Improvement.
  The ITIL Books.
  Service Management - ITIL Version 3, by OGC Best Management Practice.
• Information Technology Infrastructure Library (ITIL)
  From Wikipedia, the free encyclopedia.
• OGC Best Management Practice
  best-management-practice.com is the OGC official umbrella site dedicated to making access to the guidance quick and easy, and provides support for all levels of adoption of the OGC Best Practice guidance. IT Service Management - ITIL, Project Management - PRINCE2, Programme Management - MSP, Risk Management - MoR.
• ISO 20000, BS15000 and ITIL
  By Itil & ITSM World - The Itil and ITSM Directory.
• The Itil Community Forum
  Topics, Downloads, FAQ, Feedback, Forums, Statistics, Surveys, Web Links.
• The ITIL Toolkit
  ITIL and ITSM Made Easy.
• ITIL Survival
  CMM ITIL gaps: CMM is in so many ways similar to ITIL as well as in so many way different.
• American ITIL
  By Chad Vander Veen, 27 July 2005, Government Technology.

COBIT - Control Objectives for Information and related Technology

• CobiT
  Published by IT Governance Institute (ITGI), Information Systems Audit and Control Association (ISACA), USA.
  Obtain COBIT 4.1 (PDF download requires free registration), 4.0 and 3rd Edition.
• COBIT
  From Wikipedia, the free encyclopedia.
• COBIT Open Guide
  COBIT on-line guide. This website is an open initiative, often known as a wiki. It is intended to document COBIT in plain English, including implementation issues.

Risk Management

• Risk management
  From Wikipedia, the free encyclopedia.
• Governance, Risk Management, and Compliance
  From Wikipedia, the free encyclopedia. Governance, Risk, and Compliance (GRC).
• What is GRC?
  By Michael Rasmussen, Corporate Integrity.
  Corporate Integrity's blog providing perspective on current issues and trends impacting GRC.
• Risk Management
  Magazine, Reed Business Information, Australia.
• Enterprise Risk Management (ERM) Framework
  By COSO - Committee of Sponsoring Organizations of the Treadway Commission.
• Enterprise Risk Management
  Risk Management and Risk Assessment Guide, by IT Governance, UK.
• ISO/IEC 27000 series - ISO/IEC 27005 & BS 7799-3
  BS 7799-3:2006 - Risk Management Guidelines.
  See Security Standards.
• Risk Management Guide for Information Technology Systems (PDF)
  NIST Special Publication 800-30, July 2002. Recommendations of the National Institute of Standards and Technology. By Gary Stoneburner, Alice Goguen, and Alexis Feringa. Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology (NIST), U.S.
• Risk Management
  SEI Risk Statement: Overview, Paradigm, Principles, Products, Team Risk Management Overview, Risk and Mission Success, Publications, Presentations. By Software Engineering Institute (SEI), Carnegie Mellon University (CMU).
  Risk Managment Reference: Risk Management Guide for DoD Acquisition, Sixth Edition (Version 1.0) [PDF], U.S. Department of Defense, August 2006.
  Continuous Risk Management Guidebook; Richard L. Murphy, Christopher J. Alberts, Ray C. Williams, Ronald P. Higuera, Audrey J. Dorofee, Julie A. Walker; 562 p.; 1996, Carnegie-Mellon University.

Compliance

• Regulatory compliance
  From Wikipedia, the free encyclopedia.
• OCEG - Open Compliance and Ethics Group
  "Integrating Governance, Risk Management, Compliance and Culture". OCEG is a nonprofit organization that uniquely helps organizations drive Principled Performance by enhancing corporate culture and integrating governance, risk management, and compliance processes via: guidelines and standards, community of practice, evaluation criteria and benchmarks.
• Compliance Online
  Quality and compliance portal.

Auditing

• Information Systems Audit and Control Association (ISACA)
  Serving IT Governance Professionals.
  Val IT: governance framework and supporting publications addressing the governance of IT-enabled business investments.
  Professional Certification: Certified Information Systems Auditor (CISA); Certified Information Security Manager (CISM).
• ISACA Capítulo SP [Em Português]
  Atendendo aos Profissionais de Governança de TI.
• Val IT
  From Wikipedia, the free encyclopedia. Information Systems Audit and Control Association (ISACA).
• CNASI - Congresso Nacional de Auditoria de Sistemas, Segurança da Informação e Governança [Em Português]
  Evento anual organizado por IDETI.