ISO 38500 Governance of IT for the Organization

ISO/IEC 38500:2015 provides guiding principles for members of governing bodies of organizations (which can comprise owners, directors, partners, executive managers, or similar) on the effective, efficient, and acceptable use of information technology (IT) within their organizations.

The objective of this International Standard is to provide principles, definitions, and a model for governing bodies to use when evaluating, directing, and monitoring the use of information technology (IT) in their organizations.

This International Standard is a high level, principles-based advisory standard. In addition to providing broad guidance on the role of a governing body, it encourages organizations to use appropriate standards to underpin their governance of IT.

Most organizations use IT as a fundamental business tool and few can function effectively without it. IT is also a significant factor in the future business plans of many organizations.

Expenditure on IT can represent a significant proportion of an organization's expenditure of financial and human resources. However, a return on this investment is often not realized fully and the adverse effects on organizations can be significant.

How BSI can support you?

Verification audits: By partnering with BSI to verify your compliance with international best practices, we will highlight current strengths and weaknesses in your systems with our value-adding reports.

Internal audits: Let us review your organizational governance against industry-specific requirements, protocols, and standards.

Training: Our expert tutors deliver a wide range of training courses either online, in-house, or part of an open course to help you understand, implement, and audit against the requirements to the standard.

Next Steps

Whether you are just starting your business improvement journey or need to discuss options for your business, contact our expert team who will guide you through the process.