CHAPTER 10: ISO/IEC 38500

This chapter describes the scope, application and objectives of ISO/IEC 38500. It also sets out some of the benefits of using the standard, in terms of the conformance and performance of the organisation. Finally, it provides a set of useful definitions, some of which are drawn from ISO Guide 73:2002 (Risk Management—Vocabulary— #8212;Guidelines for Use in Standards).

Scope

As might be expected, the scope of ISO/IEC 38500 is ‘the governance of management processes (and decisions) relating to the information and communications processes used by an organization’68. The standard recognises that these processes could be controlled by one or more of the following:

• IT specialists within the organisation

• External service ...

Get IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.