Interview with Jan Begg, Chair of ISO/IEC JTC 1/SC 40, IT Service Management and IT Governance

Posted by on Apr 23, 2018 in News | 0 comments

Chair ISO/IEC JTC1/SC 40: IT Service Management and IT GovernanceWhy are standards important for IT Service Management and IT Governance?

Rapid technological advances combined with changing expectations of people and businesses are shaping our sociotechnical future. For decades standards developed by JTC 1 have been recognized as fundamental and valuable in organizing, communicating and creating the essence of an organization. The primary aim of international standardization is to facilitate the exchange of products, goods and services through the elimination of technical barriers to trade, further it increases interoperability and promotes innovation.

Now that business operations are conducted in a data rich environment via a complex system of service provision, the governance and management of these arrangements is critical for success, survival and competitive advantage.

What is the ISO/IEC JTC 1 role in IT Service Management and IT Governance Standards? What part is SC 40 playing?

JTC 1 activities cover all aspects of information technology and digital techniques including the specification, design and development, integration and interoperability of systems, services, tools and applications. The standards developed by JTC 1 span all industries of the modern global economy and since IT penetrates every industry sector and accelerates economic growth of the global and national economies, it is a major political interest of governments and various public organizations. SC 40 was formed in late 2013 to bring the governance, service management and business process outsourcing standards and activities together in one subcommittee with Standards Australia (SA) providing the Secretariat

SC 40 is responsible for 22 published standards, with a further 9 in various stages of development and various study groups. In 2018 we have 36 participating countries, 14 observers and approximately 20 liaison relationships, including the relatively new ISO/TC 309 Governance of Organizations and ISO/TC 307 Blockchain and distributed ledger technologies.

Implemented well, board level governance of information technology is a critical subset of good organizational governance and our 38500 series is recognized as better practice by regulators, auditors, policy makers and consultants across the world. At the management level ISO/IEC 20000 is one of the most successful Management System Standards (MSS), used internationally for over a decade and now being further developed for a more complex world. The IT Enabled Services-Business Process Outsourcing (ITES-BPO) providers need to deliver strategic, sustained business value while managing risks. The ISO/IEC 30105 series was developed to improve consistency, delivery quality and predictability in the delivery of ITES-BPO services. The standards aim to provide clear return on investment for customers and service providers.

How might the governance and management framework change?

The current digital age combined with shifting political and economic power has produced a steady stream of innovative technologies and unpredictable ways of conducting business. Governance principles have not changed however management systems and the way to apply the principles to new technology is the new challenge.

Imagine a boardroom where a robotic director works alongside human ones, analyzing company and competitor data, monitoring social media and making governance recommendations based on an algorithm and concepts of machine learning and artificial intelligence. Whilst the CEO and the management team react to changing patterns of customer behaviour, making rapid changes to their customer facing processes by procuring business services from across the globe.

What hasn’t changed is that CEO is expected to meet numerous short and longer term targets; hence they will pick and choose to get the outcomes being measured. The governance and management system is no longer within one organization and governance of IT is no longer simple.

Recently the Chair of the largest global organization of governance professionals issued a wake-up call to directors that they cannot make decisions in isolation, they must engage in wider issues of community and economic concern. The way we do business cannot be the way we have always done business. Increasingly boardroom discussions include digital disruption and the impact their organization has on society.

What is ahead for SC 40 in the next few years?

Our response as standards developers to digital transformation needs to be timely and practical for our customers and stakeholders. Specific guidance is being sought by our business leaders prompted by concerns about safety, security and assurance. Issues created by cyber security, big data, data analytics, IoT, autonomous systems and service delivery via cloud-based solutions may be categorized by legal, privacy and social value.

Business-model disruption due to advances in technology has been a hot topic for management, consultants and academics for at least 20 years. The discussion has finally made it to the boardroom as the list grows of traditional organizations losing market share to start-ups with highly digitized operations and low requirements for capital expenditure.

Our SC 40 work program is influenced by this changing environment and stakeholder expectations. We are progressing a full revision of 20000 series, our governance experts recently published guidance on application of 38500 to the governance of data (38505-1) and will build on that with a technical report including case studies. Work is underway on IT-enabled investments, assessment of the implementation of Governance of IT and governance of AI.

For example the ITES-BPO industry is transforming its value proposition to its customers from a pure play labour arbitrage provider to a business partner. The industry is currently driven by greater automation and the application of analytics across entire value chain, our recently published 30105 series is the first guidance targeted at this. There is a need for further standards to help both providers and clients within the BPO domain.

A number of recent high-profile incidents have underlined the lack of governance of information technology and the increased “commoditization” of services. This has been particularly noticeable in large undertakings with many third-party providers, where parent organizations have not ensured that every party has very clearly delineated areas of responsibility.

We are collaborating and cooperating across JTC1, TCs and liaison and all organizations interested in governance, service management and ITES-BPO. Where applicable we will do combined work projects within ISO/IEC, JTC 1 and technical committees to investigate such aspects as more agile approaches, concerns about privacy, fraud and compliance, smart cities, distributed ledgers and AI.

How did you get involved in developing standards and why IT Service Management and IT Governance?

JTC 1 approved the creation of the subcommittee in November 2013 and SC 40 held its first plenary meeting in Sydney in June 2014, John Sheridan, was the inaugural chair for the first 3 years and I was honoured to take over as Chair in November 2016. Since 2010 I had participated in standards development in Australia, and then led the Australian delegation to international meetings in Governance of IT and chaired the Australian mirror committee. I am the editor of a guideline on principled-based standards and have done research on implementation of strategy, presenting the findings in academic publications and at international conferences.

My early career and later executive roles were in software development and major business transformations in Australia, New Zealand, USA and UK. For over a decade I have split my time between non-executive roles in healthcare, infrastructure, education and aged care, governance consulting and pro-bono activities. I am a fellow of the Australian Institute of Company Directors and I am passionate about finding ways to apply our collective knowledge of how standardization improves the performance, compliance and success of organizations.

I am inspired and in awe of our talented SC 40 experts and participants from other organizations and committees.


ISO/IEC JTC 1/SC 32 Publishes Updated SQL Database Language Standard

Posted by on Mar 21, 2017 in News, Uncategorized | 0 comments

Under U.S. Leadership, SC 32 Advances SQL Technology with Nine-Part Revision, 02/27/2017

The International Organization for Standardization / International Electrotechnical Commission (ISO/IEC) Joint Technical Committee (JTC) 1, Information Technology, Subcommittee (SC) 32, Data management and interchange, published nine updated parts of the SQL Query Language (SQL) Database Language standard, ISO/IEC 9075:2016, Information technology – Database languages – SQL in December 2016. SQL is a data sublanguage widely used for access to relational databases.

Major new features in the update include Row Pattern Recognition, Support for Java Script Object Notation (JSON) objects, Polymorphic Table Functions, and Additional analytics.

The American National Standards Institute (ANSI) is the U.S. member body to ISO, and the IEC, via the U.S. National Committee. The U.S. plays a leading role in ISO/IEC JTC 1/SC 32, with Michaela Miller of ANSI serving as the SC 32 Secretariat and Jim Melton of Oracle Corporation serving as SC 32 Chair, through 2017. The ANSI-accredited U.S. Technical Advisory Group (TAG) administrator to SC 32 is the InterNational Committee for Information Technology Standards (INCITS).

The nine updated parts of ISO/IEC 9075:2016 focus on the following aspects of SQL:

Part 1: Conceptual framework, grammar, and terms and notation used in other parts of ISO/IEC 9075

Part 2: Foundation, data structures, and basic operations on SQL-data

Part 3: Call-level interface

Part 4: Persistent stored modules

Part 9: Management of external data

Part 10: Object language bindings

Part 11: Information and definition schemas

Part 13: SQL routines and types using the Java programming language

Part 14: XML-related specifications

SQL: 2016 adds support for additional analytical capabilities including Trigonometric and Logarithm functions. The Trigonometric functions included are sine, cosine, tangent, hyperbolic sine, hyperbolic cosine, hyperbolic tangent, inverse sine, inverse cosine, and inverse tangent.

For more details on the newest edition of the SQL Database Language standard, see the technical summary.

About ISO/IEC JTC 1/SC 32

ISO/IEC JTC 1/SC 32 is responsible for 77 published standards works with 14 participating countries (and 23 observing countries) to provide enabling technologies to promote harmonization of data management facilities across sector-specific areas. Specifically, SC 32 standards include:

Reference models and frameworks for the coordination of existing and emerging standards;

Definition of data domains, data types, and data structures, and their associated semantics;

Languages, services, and protocols for persistent storage, concurrent access, concurrent update, and interchange of data; and

Methods, languages, services, and protocols to structure, organize, and register metadata and other information resources associated with sharing and interoperability, including electronic commerce.

ANSI holds the secretariat of SC 32’s parent committee, ISO/IEC JTC 1, with the U.S.’s Karen Higginbottom serving as chair.

ISO/IEC JTC 1 Approves OASIS OData Standard for Open Data Exchange

Posted by on Mar 21, 2017 in News | 0 comments

Geneva, Switzerland (PRWEB) February 23, 2017

The Open Data Protocol (OData) and OData JSON Format standards developed by the OASIS consortium have now been approved for release by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Version 4.0 of the Standards were balloted through the Joint Technical Committee on Information Technology (JTC 1) of ISO and IEC and given the designation ‘ISO/IEC 20802:1 and 20801:2’.

OData enables an open, programmable Web. It simplifies the querying and sharing of data across applications for re-use in the enterprise, cloud, and mobile devices. With OData, information can be accessed from a variety of sources including relational databases, NoSQL stores, file systems, content management systems, and traditional web sites.

“OASIS, an approved ISO/IEC JTC 1 Publicly Available Specification (PAS) Submitter since 2004, has been a valued ISO/IEC JTC 1 partner, coordinating efforts to address the needs of industries and governments for widespread access to application data. The adoption of these two standards further advances the collaborative nature of the two organizations,” said Karen Higgenbottom, ISO/IEC JTC 1 Chair.

“ISO/IEC approval of OData sends a message to the world that data consumers can and must interoperate with data producers in more powerful ways,” said Ralf Handl of SAP, co-chair of the OASIS OData Technical Committee. “A true, scalable API economy needs interoperability standards; otherwise there is a risk of point-to-point integration challenges. By providing a semantically rich API modeling language, OData can enable more applications to make use of a broader set of data.”

OData co-chair, Michael Pizzo of Microsoft, agrees, “ISO and IEC support for OData validates the efforts of many talented people across organizations around the world who banded together with the common goal of creating a standard open data protocol. Approval as an ISO/IEC Standard will help accelerate OData adoption throughout the international community, particularly within government agencies looking to leverage OData as a key part of their open data initiatives.”

OData 4.0 and OData JSON 4.0 were ratified as OASIS Standards in February 2014 and subsequently submitted by OASIS to the ISO/IEC JTC 1 Information Technology body. As ISO/IEC 20922, this International Standard will continue to be maintained and advanced by the OASIS OData Technical Committee, which includes representatives of CA Technologies, Dell, Huawei, IBM, Microsoft, Progress Software, Red Hat, SAP, SDL, and others. New members are welcome.

Additional Information:

ISO/IEC 20802-1:2016 and ISO/IEC 20802-2:2016

OASIS OData Technical Committee:

OData 4.0 OASIS Standard:

OData JSON Format 4.0 OASIS Standard:


JTC 1 is the standards development environment where experts come together to develop worldwide Information and Communication Technology (ICT) Standards for business and consumer applications. Since 1987, ISO/IEC JTC 1 has brought about a number of very successful and relevant information and communication technologies (ICT) Standards in many fields: IC cards (smart cards), automatic identification and data capture (AIDC) technologies, information security, biometrics, cloud computing, multimedia (MPEG), database query and programming languages as well as character sets, to name just a few.



OASIS is a nonprofit, international consortium that drives the development, convergence and adoption of open standards for the global information society. OASIS promotes industry consensus and produces worldwide standards for cloud computing, security, IoT, content technologies, energy, and other areas. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. OASIS members broadly represent the marketplace of public and private sector technology leaders, users, and influencers. The consortium has more than 5,000 participants representing over 600 organizations and individual members in 65+ countries.

MPEG hosts Geneva workshop

Posted by on Jan 31, 2017 in News | 0 comments

The Moving Picture Experts Group (MPEG) is a working group of ISO/IEC in charge of the development of International Standards for compression, decompression, processing, and coded representation of moving pictures, audio and their combination.

On 18 January 2017, MPEG hosted a workshop in Geneva, Switzerland, to discuss its roadmap for standardization activities.

Industry executives from various sectors talked about their views and thoughts on emerging media technologies, products and services.

The workshop focused on immersive media, including the capture, distribution and consumption of novel immersive TV and media and services, virtual and augmented reality, and more.

The speakers laid out their needs for media Standards, in particular MPEG Standards, in the 2020 time frame.

Find more information

Cloud Computing: An Interview with Don Deutsch, Chairman of ISO/IEC JTC 1/SC 38, Distributed Application Platforms and Services

Posted by on Jan 6, 2014 in Information Technology, News | 0 comments

Cloud Computing: An Interview with Don Deutsch, Chairman of ISO/IEC JTC 1/SC 38, Distributed Application Platforms and Services

Standards in the Cloud

Interview with Don Deutsch, Chairman of ISO/IEC JTC 1/SC 38, Distributed Application Platforms and Services

Don Deutsch, Chairman of ISO/IEC JTC 1/SC 38, Distributed Application Platforms and Services, shares his thoughts on the importance of standards for the paradigm-shifting field of cloud computing within the information technology sector and the roles of SC (Subcommittee) 38: Distributed Application Platforms and Services. Also discussed are ISO/IEC JTC (Joint Technical Committee) 1: Information technology and what may be expected for the future of cloud computing standardization.

Why are standards important for cloud computing?

Standards are important in the IT (Information Technology) sector because they enable products to interoperate. That is to say, information technology products from multiple vendors can work together when they incorporate standard interfaces. IT products rarely operate in isolation or solely with other products from the same vendor. Consequently, in today’s interconnected world, standards are absolutely essential.

As an emerging vehicle for providing information technology services, cloud computing can benefit from standards. When people talk about cloud computing they mean various things. To provide clarity and a basis for developing future cloud computing standards, SC 38 is developing a definition of cloud computing. Currently under development by SC 38, ISO (International Organization for Standardization) /IEC 17788: Cloud Computing – Overview and Vocabulary, includes a concise definition of cloud computing. Since the standards process is a process of gaining consensus among various different constituencies, this is a consensus definition. It describes cloud computing as:

a paradigm for enabling network access to a scalable and elastic pool of shareable, physical or virtual resources with self-service provisioning and administration on-demand”.

At the bare minimum, cloud computing is a form of information technology involving the use of resources that are not owned, controlled or maintained by a single user. Rather, the resources are accessed over a network and are shared among a community of users. With cloud computing those resources can be dynamically provisioned – if users need more computing power, more storage or more processing capabilities, then these resources can be provided. Cloud computing services may be provided by more than a single computer or even a single computing centre; users may actually be sharing resources across various facilities that may not even be co-located.

Standards to guide the Cloud transition

It is important to note the word “paradigm” in the definition of cloud computing outlined in the ISO/IEC 17788 draft standard. Cloud computing is a shift in the paradigm for providing IT capabilities to users, and a great deal of future IT activity is likely to take place within the context of cloud computing. Because cloud computing has the potential to disrupt the IT products and services marketplace, there are strong demands for near-term cloud computing standards, especially from governments.

The information technology industry has undergone significant changes throughout its history, such as the transition from the mainframe (centralized computing) era to the distributed computing era and personal computing. With cloud computing, we may be experiencing another important transition; the standards developed by SC 38 promise to be an essential part of getting that transition right.

What is ISO/IEC JTC1’s role in cloud computing standards? What part is SC 38 playing?

ISO/IEC JTC 1 recognized the emerging field of cloud computing (and the desire to develop cloud computing standards) when in 2009 it established SC 38, Distributed Application Platforms and Services. At the time, there were three different converging demands that were brought to the JTC 1 plenary. After six years of studying standardization requirements for web services – a technology for providing capabilities across the network through the World Wide Web – JTC 1 was considering whether to begin developing web services standards. At the same time, China proposed that JTC 1 work in the area of SOA (Service Oriented Architecture), another underlying technology closely related to web services. The third converging initiative came from Korea, with a proposal that JTC 1 look into the new area of cloud computing. Recognizing the strong relationships among these technologies, JTC 1 established SC 38 with the title of DAPS (Distributed Application Platforms and Services) so as to address these three areas.

Ongoing focus on cloud standardization

As the work of SC 38 has evolved over the last four years, I have found that the overwhelming focus of SC 38 today is on cloud computing. The work on web services is nearly finished and there is no new development of web services standards. The work on SOA in SC 38 is still ongoing, but winding down. However, there is a tremendous amount of interest and effort in the area of cloud computing. To date, SC 38 has focused on preparing two important documents for cloud computing in collaboration with ITU-T (International Telecommunication Union Telecommunication Standardization Sector): ISO/IEC 17788: Cloud Computing: Overview and Vocabulary and ISO/IEC 17789: Cloud Computing – Reference Architecture. In addition to preparing these documents, SC 38 has initiated work on the definition of a standard SLA (Service-Level Agreement) for cloud computing.

Recognizing the heavy shift in focus of SC 38 towards cloud computing, at the SC 38 Plenary in Kobe Japan in September 2013 I initiated a study group on future work in the area of cloud computing and related technologies. My anticipation is that the work of this study group will result in new projects being proposed, and that there may be new structures within SC 38 to develop these projects. The current working groups – one each for web services, SOA, and cloud computing – do not properly reflect the interest and level of effort that we have in the cloud computing area; new structures might better deploy our resources to carry out what is likely to be a more robust programme of work in the area of cloud computing.

What is ahead for SC 38 in the next couple of years?

The first step in the standardization process is for the provider community and standards-setting organizations to come to a consensus as to which standards are required, beyond those standards that already exist or are currently being developed. Because cloud computing is still in the rapid innovation stage, this idea of consensus on required standards is extremely important to its success.

Identifying future needs

Heading up the study group on future work in cloud computing mentioned above is someone from NIST (National Institute of Standards and Technology), the US federal technology agency. NIST is one of the big demand-pull organizations and represents a major market for most of the US providers; in addition, NIST is looked to in much of the rest of the world as a trusted player in defining requirements for users, especially for governments – many of which are represented by major players in JTC 1.

This study group should help SC 38 decide where to go beyond vocabulary and reference architectures. Over the next couple of years SC 38 will determine which standards are required for cloud computing and will play a significant role in providing those standards.

I do not expect SC 38 to define all of the standards that are required for cloud computing, but it should be in a position where it is able to recognize what standards are required. It can then become a consolidator of the standards that are produced from a wide and diverse community of standards-setting organizations and can develop the additional required standards not being developed elsewhere.

Coordination and leadership

SC 38 is uniquely positioned to serve as a consolidator of cloud computing standards because of the JTC 1 PAS (Publicly Available Specification) process. This allows specifications developed through consensus processes outside the formal structure to be transposed into JTC 1 and recognized as International Standards. To date, most of the international technical standards in the area of cloud computing have come as PAS submissions from consortia addressing the lower levels of the cloud computing technology stack; that is, those focusing on standards for infrastructure as a service.

Foundation standards

The standards that have been worked on directly by SC 38 are the vocabulary and reference architecture standards, ISO/IEC 17788 and ISO/IEC 17789. Over the next year, I expect SC 38 to complete these foundation standards and to identify the requirements for additional cloud computing standards. Only then can SC 38 embark on developing these standards and/or fulfilling the need with standards brought in from elsewhere.

Many standards organizations are developing cloud computing standards. Are they competing with SC 38?

I do think that we are in a new era, in that technology convergence is real. The mechanisms that we set up for international standards 50 or more years ago divided technological standardization into three fields, with ITU covering telephones and telecommunications, IEC taking on power generation and power distribution and ISO attending to areas not covered by the other two. When the need for IT standards was first recognized, ISO and IEC both claimed to have a stake in the sector. In order to avoid competition in this field, both organizations agreed to set up their first joint technical committee, known as JTC 1.

JTC 1’s global role

JTC 1 is the recognized source for global information technology standards. Its voluntary, non-regulatory, nature has allowed the IT industry to thrive over the years. The PAS process it adheres to enables consortia working in the area of cloud computing to have the results of their work considered by JTC 1 for possible acceptance as international standards. As a result, consortia see SC 38 as a vehicle for collaboration rather than as competition.

Consortia such as the Open Group, DMTF (Distributed Management Task Force), SNIA (Storage Networking Industry Association) and OASIS (Organization for the Advancement of Structured Information Standards) are engaged in SC 38, both directly and through the PAS process. In this way, SC 38 is able to act more as partner than competitor in developing cloud computing standards. As a result, SC 38 is now positioned as the preferred vehicle for establishing new international cloud computing standards.

Can you tell us about your experience in developing standards, and why you are interested in cloud computing?

From SQL standard to Cloud standards

I became involved in developing standards in the area of database management, specifically in languages for accessing, storing, retrieving, and manipulating data. The result of those efforts was the SQL standard, in which I am still involved. I spent most of my career working for companies that had a stake in SQL.

One could argue that the SQL standard ranks among the most successful standards of the past 30 years. Nearly every product today that stores and retrieves data provides an SQL language interface. Even when new database management approaches emerge, they are characterized in the context of the SQL standard – for example, NoSQL databases.

The development of cloud computing standards may have an equally influential impact on the IT world. Cloud computing represents a paradigm shift. It is so important that it has the potential to substantially impact virtually everything that goes on in information technology. It is an area that is highly significant for my company, for the US, for JTC 1 and for the entire IT world – that’s why I’m excited to be engaged in cloud computing standardization in SC 38.