ISO IEC 38500:2015 pdf download.Information technology - Governance of IT for the organization
1 Scope
ISO IEC 38500 provides guiding principles for members of governing bodies of organizations (which can comprise owners, directors, partners, executive managers, or similar) on the effective, efficient, and acceptable use of information technology (IT) within their organizations.
This International Standard applies to the governance of the organization's current and future use of IT including management processes and decisions related to the current and future use of IT. These processes can be controlled by IT specialists within the organization, external service providers, or business units within the organization.
This International Standard defines the governance of IT as a subset or domain of organizational governance, or in the case of a corporation, corporate governance.
This International Standard is applicable to all organizations, including public and private companies,government entities, and not-for-profit organizations. This International Standard is applicable to organizations of all sizes from the smallest to the largest, regardless of the extent of their use of IT.
2.5 direct
communicate desired purposes and outcomes to
Note 1 to entry: In the context of governance of IT, direct involves setting objectives, strategies, and policies to be adopted by the members of the organization to ensure that use of IT meets business objectives.
Note 2 to entry: Objectives, strategies, and policies can be set by managers if they have authority delegated by the governing body.
2.6 evaluate
consider and make informed judgements
Note 1 to entry: In the context of governance of IT, evaluate involves judgements about the internal and external,current and future circumstances and opportunities relating to the organization's current and future use of IT.
2.7 executive manager
person who has authority delegated from the governing body for implementation of strategies and policies to fulfil the purpose of the organization
Note 1 to entry: Executive managers can include roles which report to the governing body or the head of the organization or have overall accountability for major reporting function, for example Chief Executive Officers (CEOs), Heads of Government Organizations, Chief Financial Officers (CFOs), Chief Operating Officers (COOs),Chief Information Officers (CIOs), and similar roles.
Note 2 to entry: In management standards, executive managers can be referred to as top management.
2.11 human behaviour
interaction among humans and other elements of the system
Note 1 to entry: Human behaviour includes culture, needs, and aspirations of people as individuals and as groups.
Note 2 to entry: In respect of IT, there are numerous groups or communities of humans, each with their own needs,aspirations, and behaviours. For example, people who use information systems might exhibit needs relating to accessibility and ergonomics, as well as availability and performance. People whose job roles are changing because of the use of IT might exhibit needs relating to communication, training, and reassurance. People involved in building and operating IT capabilities might exhibit needs relating to working conditions and development of skills.ISO IEC 38500 pdf download.