Information Technology (IT) influences everyday tasks like remote work, managing finances, ordering food, navigating with GPS, and online shopping. In the business aspect, IT is used to analyze data through statistical methods, which enables organizations to make informed decisions. ISO/IEC 38500:2024— Information technology – Governance of IT for the organization provides guidance to governing bodies on the responsible, innovative, sustainable, and strategic use of IT.
How Does Information Technology (IT) Contribute to the Success of An Organization?
In organizations, Information Technology (IT) provides insights into trends, customer behavior, operational efficiency, and market conditions. This ultimately helps businesses optimize processes, improve performance, and identify potential risks across various departments—such as sales, marketing, finances, and human resources. IT therefore acts as an essential tool for data-driven strategies, helping boosts an organization’s productivity and competitiveness in the market.
With the increasing potential of current and future IT, however, the appropriate application of governance of IT is needed. The guidance in ISO/IEC 38500:2024 is used to help organizations effectively, responsibly, and ethically use IT.
What Is ISO/IEC 38500?
ISO/IEC 38500:2024 provides guiding principles for members of governing bodies of organizations and those that support them on the effective, efficient and acceptable use of information technology (IT) within their organizations. This international standard is applicable to the following:
- The governance of the organization’s current, and future, use of IT
- The governance of IT as a domain of governance of organizations
ISO/IEC 38500:2024 is addressed primarily to the governing body but recognizes that governance occurs throughout the organization. This standard therefore provides guidance on the practice of governance of IT across the organization including the interaction and collaboration of all personnel, regardless of their job description.
ISO/IEC 38500:2024 aligns to ISO 37000 and its principles of governance; this standard document can also be used in conjunction with other governance codes and principles for effective governance.
What Are Tools for Achieving Good Governance of IT?
ISO/IEC 38500:2024 establishes three tools for the governing body and associated governance and management practices to achieve good governance of IT:
- Principles for the governance of IT — applying these principles to the responsible and strategic use of IT can help make the organization more agile and adaptive.
- Model for the governance of IT — the model shows the main governance tasks and interactions throughout the organization, leading to a clarity of decision-making and responsibilities for all aspects of the use of IT.
- Framework for the governance of IT — the framework describes the elements through which the organization’s governance of IT arrangements operates, which helps to assure the critical actions of governance are considered and applied to the use of IT by the organization.
ISO/IEC 38500:2024— Information technology – Governance of IT for the organization is available on the ANSI Webstore.