CHAPTER 4: PRINCIPLES AND MODEL FOR GOOD GOVERNANCE OF IT

This, the fourth chapter of ISO/IEC 38500, contains the meat of the matter, the most important part of the Standard, and the core of the Standard’s concept of IT governance. It identifies six principles of good IT governance, and three main tasks for which governing bodies are responsible.

Six principles

The six principles of good IT governance, which are intended to guide decision-making, are:

1. Responsibility;

2. Strategy;

3. Acquisition;

4. Performance;

5. Conformance; and

6. Human behaviour.

The principle of responsibility recognises that those responsible for IT within organisations must understand and accept their responsibilities in respect of the supply and demand for IT. They must also ...
