• Content Type

GB30230555

Information technology. Governance of IT. Implementation guide

Last updated: 7 Jan 2025

Development Stage

Pre-draft

Draft

Published

30 Apr 2015

Abstract

Information technology (IT) has become pervasive in supporting and enabling the strategy of organizations and this prevalence mandates the governance of IT as an organizational imperative.

Organizations have made significant investments in IT to automate business processes and to communicate and transact electronically with their customers and suppliers. The benefits from these investments have unfortunately not always materialised and in some instances, organizations have incurred significant financial and reputational damage as a result of IT failures. This has further heightened governing body awareness of the need for the governance of IT and of their responsibilities in this regard.

It might be, however, that some governing bodies are uncertain of what arrangements they need to have in place for the governance of IT.

This Technical Specification has therefore been developed to provide guidance on the implementation of governance of IT within organizations. It considers governance, both from the perspective of gaining assurance that the risks associated with the use of IT are appropriately managed, as well as ensuring that the organization maximizes the value from its investments in IT.

It expands on the model and principles for good governance of IT, as described in ISO/IEC 38500 and ISO/IEC/TR 38502, and provides guidance on a methodology for implementing principles-based governance of IT. © ISO/IEC 2022 All rights reserved

Scope

This Technical Specification provides guidance on how to implement arrangements for effective governance of IT within an organization.

This Technical Specification identifies the key activities that an organization has to undertake to implement governance of IT, in accordance with ISO/IEC 38500. © ISO/IEC 2022 All rights reserved

Purpose

It provides guidance on the design and establishment of the arrangements for the governance of IT, clarifying roles and responsibilities of key stakeholders within the organization, as well as providing examples of matters to consider in the design of the governance of IT.

This Technical Specification can be used by individuals responsible for governance of IT within an organization and individuals supporting in the governance of organizations. This Technical Specification is applicable to organizations of all sizes and types. © ISO/IEC 2022 All rights reserved

External Links

More information
BSI webpage
[site_reviews_summary assigned_posts=”post_id” hide=”bars,if_empty” text=”{rating} out of {max} stars ({num} reviews)”]

Let the community know

Categorisation

Domain: Horizontal
Scope: AI-enabling - IT governance
Topic: Organisational governance
Type: Process, management and governance

Key Information

Organisation: ISO International Organization for Standardization ; IEC International Electrotechnical Commission, BSI
Committee: ISO/IEC JTC 1/SC 40
Relevant UK committee: IST/60/1
Share on XShare on LinkedIn

Discussion

[check_original_title]