CHAPTER 6: ISO/IEC 38500 AND THE IT STEERING COMMITTEE

ISO/IEC 38500 is a principles-based standard. It describes what governing bodies should do, but does not provide guidance on how they should go about implementing an IT governance framework.

The governing body, in effect, needs to create a mechanism through which it can exercise its IT governance responsibilities and provide the business with technology leadership. The most effective way of doing this is through the creation of a standing board IT committee. Technology or IT leadership requires a specific mechanism of this sort, in a way that, for instance, neither HR nor sales do, for two reasons:

1.HR, sales, marketing, and so on are usually already dealt with effectively as part of the ...

Get ISO/IEC 38500: A pocket guide, second edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.