ISO/IEC38500 is the international standard for the corporate governance
of information and communication technology. The purpose of the standard
is to create a framework to ensure that the Board is appropriately
involved in the governance of the organisation's IT. The standard sets
out guiding principles for directors on how to ensure the effective,
efficient and acceptable use of IT within their company. This useful
pocket guide provides an account of the scope and objectives of the
standard. It outlines the standard's six core principles, sets out the
three major tasks that the standard assigns to directors regarding IT,
and explains the interrelationship between the two. The guide also
offers advice on how to set up and implement the IT governance
framework. Business benefits of ISO/IEC 38500 (ISO38500) include:
-Manage the organisation's investment in IT responsibly The pocket guide
shows how the standard can be used to ensure that your decision making
about IT investment remains clear and transparent, and that the
associated risks are clearly understood. -Meet compliance requirements
ISO/IEC38500 requires directors to verify that their IT systems are in
compliance with all applicable regulations. As this pocket guide
explains, following the procedures set out in ISO/IEC38500 will help
company directors both to achieve and demonstrate compliance. -Improve
the performance of the organisation On average, investment in IT
represents more than 50 per cent of every organisation's annual capital
investment. Both private and public sector organisations need to
maintain a high standard of service while at the same time keeping costs
low. The pocket guide looks at how following the guidance contained in
ISO/IEC38500 can enable directors to retain a grip on costs and obtain
better value for money from IT equipment. -Introduce effective project
governance This pocket guide describes how ISO/IEC38500 can help company
directors to identify problems in an IT project at an early stage. In
this way, the standard promotes effective management of the risks
associated with major IT projects, enables the board to keep a grip on
budgets and militates against project failure. Implement ISO38500, the
international standard for corporate governance of IT An IT governance
framework serves to close the gap between the importance of IT and the
understanding of IT. For this reason, you can use an IT governance
framework to improve your company's competitive position.
