Information technology — Governance of IT for the organization

ISO/IEC 38500:2015 provides guiding principles for members of governing bodies of organizations (which can comprise owners, directors, partners, executive managers, or similar) on the effective, efficient, and acceptable use of information technology (IT) within their organizations. It also provides guidance to those advising, informing, or assisting governing bodies. They include the following: executive managers; members of groups monitoring the resources within the organization; external business or technical specialists, such as legal or accounting specialists, retail or industrial associations, or professional bodies; internal and external service providers (including consultants); auditors. ISO/IEC 38500:2015 applies to the governance of the organization's current and future use of IT including management processes and decisions related to the current and future use of IT. These processes can be controlled by IT specialists within the organization, external service providers, or business units within the organization. ISO/IEC 38500:2015 defines the governance of IT as a subset or domain of organizational governance, or in the case of a corporation, corporate governance. ISO/IEC 38500:2015 is applicable to all organizations, including public and private companies, government entities, and not-for-profit organizations. ISO/IEC 38500:2015 is applicable to organizations of all sizes from the smallest to the largest, regardless of the extent of their use of IT. The purpose of ISO/IEC 38500:20015 is to promote effective, efficient, and acceptable use of IT in all organizations by: assuring stakeholders that, if the principles and practices proposed by the standard are followed, they can have confidence in the organization's governance of IT, informing and guiding governing bodies in governing the use of IT in their organization, and establishing a vocabulary for the governance of IT.

Technologies de l'information — Gouvernance des technologies de l'information pour l'entreprise

General Information

Status
Withdrawn
Publication Date
10-Feb-2015
Current Stage
9599 - Withdrawal of International Standard
Completion Date
23-Feb-2024
Ref Project

Relations

Buy Standard

Standard
ISO/IEC 38500:2015 - Information technology -- Governance of IT for the organization
English language
12 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 38500
Second edition
2015-02-15
Information technology — Governance
of IT for the organization
Technologies de l’information — Gouvernance des technologies de
l’information pour l’entreprise
Reference number
ISO/IEC 38500:2015(E)
©
ISO/IEC 2015

---------------------- Page: 1 ----------------------
ISO/IEC 38500:2015(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2015
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2015 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 38500:2015(E)

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Terms and definitions . 1
3 Benefits of Good Governance of IT . 4
4 Principles and Model for Good Governance of IT . 5
4.1 Principles . 5
4.2 Model . 6
5 Guidance for the Governance of IT . 8
5.1 General . 8
5.2 Principle 1: Responsibility . 8
5.3 Principle 2: Strategy . 8
5.4 Principle 3: Acquisition . 9
5.5 Principle 4: Performance. 9
5.6 Principle 5: Conformance .10
5.7 Principle 6: Human Behaviour .10
Bibliography .12
© ISO/IEC 2015 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 38500:2015(E)

Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of Inte
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.