Customer Support: 131 242

  • There are no items in your cart
We noticed you’re not on the correct regional site. Switch to our AMERICAS site for the best experience.
Dismiss alert

ISO/IEC 38500:2015

Superseded
Superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

View Superseded by
superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

Information technology — Governance of IT for the organization
Available format(s)

Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users

Superseded date

23-02-2024

Language(s)

English

Published date

11-02-2015

ISO/IEC 38500:2015 provides guiding principles for members of governing bodies of organizations (which can comprise owners, directors, partners, executive managers, or similar) on the effective, efficient, and acceptable use of information technology (IT) within their organizations.

It also provides guidance to those advising, informing, or assisting governing bodies. They include the following:

  • executive managers;
  • members of groups monitoring the resources within the organization;
  • external business or technical specialists, such as legal or accounting specialists, retail or industrial associations, or professional bodies;
  • internal and external service providers (including consultants);
  • auditors.

ISO/IEC 38500:2015 applies to the governance of the organization's current and future use of IT including management processes and decisions related to the current and future use of IT. These processes can be controlled by IT specialists within the organization, external service providers, or business units within the organization.

ISO/IEC 38500:2015 defines the governance of IT as a subset or domain of organizational governance, or in the case of a corporation, corporate governance.

ISO/IEC 38500:2015 is applicable to all organizations, including public and private companies, government entities, and not-for-profit organizations. ISO/IEC 38500:2015 is applicable to organizations of all sizes from the smallest to the largest, regardless of the extent of their use of IT.

The purpose of ISO/IEC 38500:20015 is to promote effective, efficient, and acceptable use of IT in all organizations by:

  • assuring stakeholders that, if the principles and practices proposed by the standard are followed, they can have confidence in the organization's governance of IT,
  • informing and guiding governing bodies in governing the use of IT in their organization, and
  • establishing a vocabulary for the governance of IT.

Committee
ISO/IEC JTC 1/SC 40
DocumentType
Standard
Pages
12
PublisherName
International Organization for Standardization
Status
Superseded
SupersededBy
Supersedes

CEI UNI EN ISO/IEC 30121 : 1ED 2017 INFORMATION TECHNOLOGY - GOVERNANCE OF DIGITAL FORENSIC RISK FRAMEWORK
CSA ISO/IEC 19770-1 : 2013 : R2017 INFORMATION TECHNOLOGY - SOFTWARE ASSET MANAGEMENT - PART 1: PROCESSES AND TIERED ASSESSMENT OF CONFORMANCE
BS ISO/IEC 20000-2:2012 Information technology. Service management Guidance on the application of service management systems
BS ISO/IEC 19086-1:2016 Information technology. Cloud computing. Service level agreement (SLA) framework Overview and concepts
ISO/IEC TR 38502:2017 Information technology — Governance of IT — Framework and model
ISO/IEC 38505-1:2017 Information technology — Governance of IT — Governance of data — Part 1: Application of ISO/IEC 38500 to the governance of data
ISO 21505:2017 Project, programme and portfolio management — Guidance on governance
CSA ISO/IEC 27050-1 : 2018 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ELECTRONIC DISCOVERY - PART 1: OVERVIEW AND CONCEPTS
10/30207796 DC : 0 BS ISO/IEC 15289 - SOFTWARE AND SYSTEMS ENGINEERING - CONTENT OF LIFE-CYCLE INFORMATION PRODUCTS
BS ISO/IEC 26511:2011 Systems and software engineering. Requirements for managers of user documentation
BS ISO/IEC 30121 : 2015 INFORMATION TECHNOLOGY - GOVERNANCE OF DIGITAL FORENSIC RISK FRAMEWORK
ISO/IEC TR 29110-5-3:2018 Systems and software engineering — Lifecycle profiles for Very Small Entities (VSEs) — Part 5-3: Service delivery guidelines
ISO/IEC 19086-1:2016 Information technology Cloud computing Service level agreement (SLA) framework Part 1: Overview and concepts
BS ISO 21505:2017 Project, programme and portfolio management. Guidance on governance
ISO/TS 17187:2013 Intelligent transport systems Electronic information exchange to facilitate the movement of freight and its intermodal transfer Governance rules to sustain electronic information exchange methods
BS ISO/IEC 18384-1:2016 Information technology. Reference Architecture for Service Oriented Architecture (SOA RA) Terminology and concepts for SOA
PD ISO/IEC TS 38501:2015 Information technology. Governance of IT. Implementation guide
ISO/IEC/IEEE 15289:2017 Systems and software engineering Content of life-cycle information items (documentation)
CSA ISO/IEC TS 38501 : 2015 INFORMATION TECHNOLOGY - GOVERNANCE OF IT - IMPLEMENTATION GUIDE
BS ISO/IEC/IEEE 15289:2011 Systems and software engineering. Content of life-cycle information products (documentation)
BS ISO/IEC/IEEE 15289:2019 Systems and software engineering. Content of life-cycle information items (documentation)
UNE-ISO/IEC 20000-2:2015 Information technology. Service management. Part 2: Guidance on the application of service management systems
ISO/IEC TR 38505-2:2018 Information technology — Governance of IT — Governance of data — Part 2: Implications of ISO/IEC 38505-1 for data management
CSA ISO/IEC 19770-1 :2013 INFORMATION TECHNOLOGY - SOFTWARE ASSET MANAGEMENT - PART 1: PROCESSES AND TIERED ASSESSMENT OF CONFORMANCE
BS ISO/IEC 38505-1:2017 Information technology. Governance of IT. Governance of data Application of ISO/IEC 38500 to the governance of data
CSA ISO/IEC 20000-2 : 2013 : R2017 INFORMATION TECHNOLOGY - SERVICE MANAGEMENT - PART 2: GUIDANCE ON THE APPLICATION OF SERVICE MANAGEMENT SYSTEMS
ISO/IEC/IEEE 26511:2011 Systems and software engineering Requirements for managers of user documentation
ISO/IEC TR 38504:2016 Governance of information technology — Guidance for principles-based standards in the governance of information technology
ISO/IEC TR 20000-10:2015 Information technology Service management Part 10: Concepts and terminology
EN ISO/IEC 30121:2016 Information technology - Governance of digital forensic risk framework (ISO/IEC 30121:2015)
PD ISO/IEC TR 38502:2017 Information technology. Governance of IT. Framework and model
16/30287629 DC : 0 BS ISO/IEC 27050-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ELECTRONIC DISCOVERY - PART 1 OVERVIEW AND CONCEPTS
CSA ISO/IEC TR 38502 : 2015 INFORMATION TECHNOLOGY - GOVERNANCE OF IT - FRAMEWORK AND MODEL
10/30204688 DC : 0 BS ISO/IEC 26511 - SOFTWARE AND SYSTEMS ENGINEERING - REQUIREMENTS FOR MANAGERS OF USER DOCUMENTATION
ISO/IEC 18384-1:2016 Information technology Reference Architecture for Service Oriented Architecture (SOA RA) Part 1: Terminology and concepts for SOA
16/30316173 DC : 0 BS ISO/IEC 19086-1 - INFORMATION TECHNOLOGY - CLOUD COMPUTING - SERVICE LEVEL AGREEMENT (SLA) FRAMEWORK - PART 1: OVERVIEW AND CONCEPTS
13/30284618 DC : 0 PD ISO/IEC/TR 38502 - INFORMATION TECHNOLOGY - GOVERNANCE OF IT - FRAMEWORK AND MODEL
17/30329617 DC : 0 BS ISO/IEC 29110-4-3 - SYSTEMS AND SOFTWARE ENGINEERING - LIFECYCLE PROFILES FOR VERY SMALL ENTITIES (VSES) - PART 4-3: SERVICE DELIVERY - PROFILE SPECIFICATION
12/30209825 DC : 0 BS ISO/IEC 27014 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GOVERNANCE OF INFORMATION SECURITY
IEEE 20000-2-2013 IEEE Standard -- Adoption of ISO/IEC 20000-2:2012, Information technology -- Service management -- Part 2: Guidance on the application of service management systems
CSA ISO/IEC 20000-2:2013 INFORMATION TECHNOLOGY - SERVICE MANAGEMENT - PART 2: GUIDANCE ON THE APPLICATION OF SERVICE MANAGEMENT SYSTEMS
CAN/CSA-ISO/IEC TR 38504:18 Governance of information technology ? Guidance for principles-based standards in the governance of information technology (Adopted ISO/IEC TR 38504:2016, first edition, 2016-09-15)
CAN/CSA-ISO/IEC 19086-1:18 Information technology — Cloud computing — Service level agreement (SLA) framework — Part 1: Overview and concepts (Adopted ISO/IEC 19086-1:2016, first edition, 2016-09-15)
SR 003 391 : 2.1.1 CLOUD STANDARDS COORDINATION PHASE 2; INTEROPERABILITY AND SECURITY IN CLOUD COMPUTING
ISO 22316:2017 Security and resilience — Organizational resilience — Principles and attributes
I.S. EN ISO/IEC 30121:2016 INFORMATION TECHNOLOGY - GOVERNANCE OF DIGITAL FORENSIC RISK FRAMEWORK (ISO/IEC 30121:2015)
ISO/IEC 27050-1:2016 Information technology Security techniques Electronic discovery Part 1: Overview and concepts
ISO/TR 14639-2:2014 Health informatics Capacity-based eHealth architecture roadmap Part 2: Architectural components and maturity model
ISO/IEC 30121:2015 Information technology Governance of digital forensic risk framework
ISO/IEC 20000-2:2012 Information technology Service management Part 2: Guidance on the application of service management systems
BS ISO/IEC 27014:2013 Information technology. Security techniques. Governance of information security
PD ISO/TS 17187:2013 Intelligent transport systems. Electronic information exchange to facilitate the movement of freight and its intermodal transfer. Governance rules to sustain electronic information exchange methods
BS EN ISO/IEC 30121:2016 Information technology. Governance of digital forensic risk framework
PD ISO/IEC TR 38504:2016 Governance of information technology. Guidance for principles-based standards in the governance of information technology
12/30228065 DC : 0 BS 13500 - CODE OF PRACTICE FOR DELIVERING EFFECTIVE GOVERNANCE
PD ISO/TR 14639-2:2014 Health informatics. Capacity-based eHealth architecture roadmap Architectural components and maturity model
16/30333228 DC : 0 BS ISO/IEC 38505-1 - INFORMATION TECHNOLOGY - GOVERNANCE OF IT - PART 1: THE APPLICATION OF ISO/IEC 38500 TO THE GOVERNANCE OF DATA
PD ISO/IEC TR 20000-10:2015 Information technology. Service management Concepts and terminology
13/30268064 DC : 0 BS ISO/IEC 30121 - SYSTEM AND SOFTWARE ENGINEERING - INFORMATION TECHNOLOGY - GOVERNANCE OF DIGITAL FORENSIC RISK FRAMEWORK
18/30325702 DC : 0 BS ISO/IEC 27050-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - ELECTRONIC DISCOVERY - PART 2: GUIDANCE FOR GOVERNANCE AND MANAGEMENT OF ELECTRONIC DISCOVERY
ISO/IEC TS 38501:2015 Information technology — Governance of IT — Implementation guide
ISO/IEC 27014:2013 Information technology Security techniques Governance of information security
NS-ISO/IEC 42001:2023 Information technology - Artificial intelligence - Management system
INCITS/ISO/IEC TR 38504:2016(R2023) Governance of information technology — Guidance for principlesbased standards in the governance of information technology

ISO/IEC TR 38502:2014 Information technology Governance of IT Framework and model
SA/SNZ TR ISO 21965:2020 Information and documentation - Records management in enterprise architecture
AS/NZS ISO/IEC 20000.10:2019 Information technology - Service management Concepts and vocabulary
SA/SNZ TR ISO/IEC 38505.2:2019 Information technology - Governance of IT - Governance of data Implications of ISO/IEC 38505-1 for data management
ISO/IEC TS 38501:2015 Information technology — Governance of IT — Implementation guide
AS/NZS ISO/IEC 20000.2:2020 Information technology - Service management Guidance on the application of service management systems

View more information
$118.72
Including GST where applicable

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Need help?
Call us on 131 242, then click here to start a Screen Sharing session
so we can help right away! Learn more