Mapping OASIS TGF to ISO 38500: An Introduction Version 1.0

Committee Note 01

18 December 2014

Specification URIs

This version: (Authoritative)

Previous version:


Latest version: (Authoritative)

Technical Committee:

OASIS Transformational Government Framework TC


John Borras (, Individual


Peter F Brown (, Individual

Related work:

This document is related to:

·         Transformational Government Framework Version 2.0. Edited by John Borras, Peter F Brown, and Chris Parker. Latest version:

·         TGF Executive Summary Version 1.0. Edited by John Borras and Chris Parker. Latest version:


This note is intended to serve as a contribution to a discussion within ISO/IEC JTC 1/SC 40 (“IT Service Management and IT Governance”), the objective of which is to determine possible future work based on a mapping between the OASIS “Transformational Government Framework” Standard and the ISO 38500-series of deliverables covering “Governance of Information Technology”.

The result of such mapping could lead to the OASIS TGF TC recommending the existing (or a future) version of the TGF Standard to JTC 1 as a “PAS” submission or identifying requirements for a new work item, within the OASIS TGF TC (with an objective of future submission to JTC 1) or directly within JTC 1/SC 40 itself (with the TGF TC providing input via OASIS liaisons and nominated experts to the SC 40 working group designated to work on this).


This document was last revised or approved by the OASIS Transformational Government Framework TC on the above date. The level of approval is also listed above. Check the “Latest version” location noted above for possible later revisions of this document.

Technical Committee members should send comments on this document to the Technical Committee’s email list. Others should send comments to the Technical Committee by using the “Send A Comment” button on the Technical Committee’s web page at

Citation format:

When referencing this document the following citation format should be used:


Mapping OASIS TGF to ISO 38500: An Introduction Version 1.0. Edited by Peter F Brown. 18 December 2014. OASIS Committee Note 01. Latest version:



Copyright © OASIS Open 2015.  All Rights Reserved.

All capitalized terms in the following text have the meanings assigned to them in the OASIS Intellectual Property Rights Policy (the "OASIS IPR Policy"). The full Policy may be found at the OASIS website.

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this section are included on all such copies and derivative works. However, this document itself may not be modified in any way, including by removing the copyright notice or references to OASIS, except as needed for the purpose of developing any document or deliverable produced by an OASIS Technical Committee (in which case the rules applicable to copyrights, as set forth in the OASIS IPR Policy, must be followed) or as required to translate it into languages other than English.

The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns.




Table of Contents

1       Introduction. 5

1.1 References (non-normative). 5

2       “Governance of IT” and “Transformational Government”. 6

2.1 Work in ISO/IEC JTC 1. 6

2.2 Work in OASIS. 6

2.3 Why map TGF to ISO 38500?. 6

3       Mapping TGF to ISO 38500. 7

3.1 ISO 38500 and “Principles of IT Governance”. 7

3.2 OASIS TGF and “Guiding Principles”. 7

3.3 Mapping of Principles. 7

4       The TGF Pattern Language: A Structure for IT Governance Principles?. 8

Appendix A.    Acknowledgments. 9

Appendix B.     Structure of the OASIS TGF. 10

Appendix C.     Revision History. 11



1        Introduction

This note is intended to serve as a contribution to a discussion between OASIS and the Joint Technical Committee 1 of ISO and IEC (ISO-IEC/JTC 1), the objective of which is to determine possible future work based on a mapping between the OASIS “Transformational Government Framework” Standard and the ISO 38500-series of deliverables covering “Governance of Information Technology”.

The result of such mapping could lead to the OASIS TGF TC recommending the existing (or a future) version of the TGF Standard to JTC 1 as a “PAS” submission or identifying requirements for a new work item, within the OASIS TGF TC or within JTC 1/SC 40, the specific sub-committee within JTC 1 that is responsible for the domain of IT Service Management and IT Governance.

1.1 References (non-normative)


Transformational Government Framework Version 2, edited by John Borras, Peter F Brown, and Chris Parker. 01 May 2014. OASIS Committee Specification 01.

[ISO 38500]

Information Technology – governance of IT – For the Organization, edited by John Graham, 2014, ISO/IEC FDIS 38500

[ISO 38501]

Information Technology –Corporate Governance of IT Implementation Guide, edited by Max Blecher, 2014, ISO/IEC DTS 38501

[ISO 38502]

Information Technology – Governance of IT – Framework and Model, edited by Max Shanahan, 2014, ISO/IEC TR 38502

2                 “Governance of IT” and “Transformational Government”

2.1 Work in ISO/IEC JTC 1

JTC 1/SC 40 is a relatively new entity within the ISO/IEC JTC 1 system, created from the merger of three existing strands of work covering: Governance of IT; IT Service Management; and Business Process Outsourcing. Within SC 40, these areas are covered by three working groups, respectively WGs 1, 2, and 3.

Among the core responsibilities of SC 40/WG 1 is to “lead the development of standards, tools, frameworks, best practices and related documents on the governance of information technology” including maintenance of a series of deliverables knows as the ISO “38500 Series”. Three of these documents (an International Standard, a Technical Specification, and a Technical Report) establish a principles-based approach to the governance of IT, including the core standard itself (ISO-IEC 38500); an implementation guide (ISO-IEC TS 38501); and a framework and model (ISO-IEC TR 38502).

2.2 Work in OASIS

The Transformational Government Framework (TGF) is a practical “how to” standard for the design and implementation of an effective program of technology-enabled change at national, state or local government level. At the heart of the TGF lies the idea that governments need to transform the way they operate, traditionally organized around functionally-oriented service providers operating as unconnected vertical silos rather than built around user needs.

The OASIS “Transformational Government Framework” Technical Committee (TC) has been responsible for a series of deliverables including the eponymous framework itself (already approved as an OASIS Standard and, in a second version, approved as a Committee Specification), a primer, a separate executive summary as well as several toolkits and guidelines for use of the TGF’s principles.

2.3 Why map TGF to ISO 38500?

Both the OASIS TGF and the ISO-IEC 38500 Standards are high-level, principles-based advisory standards. They are concerned with what information technologies can offer but focus on the role of policy-making and governing bodies in determining how and where such technologies are introduced and deployed.

The interest expressed in mapping the standards against each other is a first step in understanding the overlaps and gaps that such a mapping would reveal and in such a way that would help both the OASIS TGF TC and JTC 1/SC 40 identify potential future work in the domain.

3        Mapping TGF to ISO 38500

3.1 ISO 38500 and “Principles of IT Governance”

The ISO Standard was first developed as an Australian Standard, AS 8015-2005 and later jointly revised by Standards Australia and New Zealand and approved by ISO/IEC JTC 1, through its “fast track” process as ISO/IEC 38500:2008 and updated in 2010.

It provides “a framework of principles for Directors to use when evaluating, directing and monitoring the use of information technology in their organizations” [ISO 38500]. The six principles “express preferred behaviour to guide decision making.”

It is centrally concerned by the governance of information technology.

3.2 OASIS TGF and “Guiding Principles”

The OASIS TGF on the other hand is concerned more broadly with the governance of change. Its scope however covers the public sector and more specifically with enabling the transformation of public sector services and the role played by information technologies in enabling such change. It is concerned with ensuring the management of information technology as a strategic asset.

The “Transformational Government Framework” is structured as a series of “patterns” within a TGF “Pattern Language”. Each Pattern provides high-level guidance for policy makers on how to approach and respond to specific issues covered within the framework.

The TGF framework covers Guiding Principles, Goals (“Benefits Realisation”), Critical Success Factors, and guidance on the three main governance and delivery processes (business management, service management, and technology and digital assets management) and there are a series of Patterns covering each area.

3.3 Mapping of Principles

Even without a detailed mapping of the entire Standards, an initial, cursory examination of the two shows already a high degree of overlap of the principles covered in both: The ISO Standard talks about “Responsibility” while the OASIS Standard talks about “Leadership”; Similarly for: “Strategy” (“Roadmap for Transformation”), “Acquisition” (“Supplier Partnerships” and “Technology Management”), “Performance” (“Critical Success Factors”), and “Human Behaviour” (“Stakeholder Empowerment”).

This is not to imply that the terms – nor the intended scope of their use – are identical: only to suggest that there is sufficient commonality of purpose that a formal mapping and enquiry into future collaboration ought to be undertaken. For copyright and intellectual property reasons it is not possible to pursue this exercise in more detail until both parties agree on a common approach and can make the content of their respective Standards available to each party on explicitly agreed terms.

4        The TGF Pattern Language: A Structure for IT Governance Principles?

The mapping of the ISO and OASIS Standards may also reveal a commonality in the structure of principles-based standards and guidance. The OASIS TGF is explicitly structured using the paradigm of a “Pattern Language” with consistent internal structure for each pattern; relationship between the patterns; and process for developing new patterns.

SC 40/WG 1 is currently examining a proposal for a new work item on the structure of principles-based standards and the TGF Pattern Language – suitably extended and modified could present a useful model for that group to use in the elaboration of that new work.

Appendix A.           Acknowledgments

The following individuals have participated in the creation of this specification and are gratefully acknowledged:


Hans A Kielland Aanesen, Individual Member

John Borras, Individual Member

Peter F Brown, Individual Member

Geoff Clarke, Microsoft Corporation

Nig Greenaway, Fujitsu Ltd

Gershon Janssen, Individual Member

Chris Parker, CS Transform Ltd

Colin Wallis, New Zealand Government

Joe Wheeler, MTG Management Consultants, LLC

Mark Woodward, Individual Member


Appendix B.           Structure of the OASIS TGF

The following diagram provides a high level overview of the structure of the TGF and the individual “Patterns” that make it up:

Appendix C.            Revision History




Changes Made


14 Oct 2014


Template created


16 Dec 2014

Peter F Brown

Initial Draft


18 Dec 2014

John Borras

Approved by TC