Home

38500

38500 commonly refers to ISO/IEC 38500, Information technology — Governance of information technology. It is an international standard jointly published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The standard provides high-level guidance for governing information technology within organizations.

The scope is to help board members and senior management direct, monitor, and evaluate IT resources, ensuring

Its core content centers on governance principles such as accountability, strategic alignment, value delivery, resource management,

Relationship to other frameworks: The standard is technology-neutral and can be used in conjunction with other

Publication and status: Issued in 2008, ISO/IEC 38500 has become a widely cited reference in discussions of

that
IT
supports
the
organization’s
objectives,
delivers
value,
and
manages
risk
and
compliance.
It
is
not
a
technical
specification
or
an
IT
management
method;
rather,
it
offers
a
principles-based
framework
that
can
be
applied
to
organizations
of
any
size
or
sector.
risk
management,
performance
measurement,
and
compliance
with
laws
and
policies.
The
framework
promotes
separation
of
governance
from
operational
IT
management
and
emphasizes
that
governance
should
be
outcome-focused
and
risk-aware.
IT
governance
and
management
frameworks,
including
COBIT,
ITIL,
or
risk
management
standards.
It
is
not
itself
a
certification
standard
but
may
be
used
as
a
reference
in
governance
assessments
and
audits.
IT
governance.
Organizations
may
adopt
its
principles
to
guide
governance
arrangements
and
board
oversight
of
IT
investments
and
performance.