ISO/IEC 38500:2015 provides guiding principles for members of governing bodies of organisations (which can comprise owners, directors, partners, executive managers, or similar) on the effective, efficient, and acceptable use of information technology (IT) within their organisations. It also provides guidance to those advising, informing, or assisting governing bodies. They include the following:
- Executive managers.
- Members of groups monitoring the resources within the organisation.
- External business or technical specialists, such as legal or accounting specialists, retail or industrial associations, or professional bodies.
- Internal and external service providers (including consultants).
ISO/IEC 38500:2015 applies to the governance of the organisation’s current and future use of IT including management processes and decisions related to the current and future use of IT. These processes can be controlled by IT specialists within the organisation, external service providers, or business units within the organisation.
ISO/IEC 38500:2015 defines the governance of IT as a subset or domain of organisational governance, or in the case of a corporation, corporate governance. ISO/IEC 38500:2015 is applicable to all organisations, including public and private companies, government entities, and not-for-profit organisations. ISO/IEC 38500:2015 is applicable to organisations of all sizes from the smallest to the largest, regardless of the extent of their use of IT. The purpose of ISO/IEC 38500:20015 is to promote effective, efficient, and acceptable use of IT in all organisations by:
- Assuring stakeholders that, if the principles and practices proposed by the standard are followed, they can have confidence in the organisation’s governance of IT.
- Informing and guiding governing bodies in governing the use of IT in their organisation.
- Establishing a vocabulary for the governance of IT.
Purchase and use of this product is governed by this EULA.