ISO/IEC 38500 is an IT governance framework with a set of principles that guide organizational heads to run IT efficiently. The directors can be business owners, board executives, partners, or top management. In this article at Van Haren Publishing, get a quick glance at ISO/IEC 38500 to boost your company’s IT governance.
Working on the ISO/IEC 38500 Basics
The principles stated in ISO/IEC 38500 are as below:
Accountability: Ensure that employees have enough capabilities to cater to IT expectations and services.
Approach: Business and IT should support each other.
Procurement: Pour fund and support based on the strength of the business case. Regularly review to check if the project is reaching the expected milestones.
Execution: Your IT department must ensure that the IT tools and activities are helping the business realize its benefits.
Compliance: While helping businesses to comply with the necessary rules and regulations, IT tools, too, must follow the same.
People: The IT department must make people-centric policies, best practices, and resolutions.
ISO/IEC 38500 Benefits and Challenges:
ISO/IEC 38500 looks after the governance of services related to your organization’s information and communications. The in-house IT department, business units, or external service providers can monitor implementation and maintenance. Be it private, public, or non-profit, ISO/IEC 38500 is applicable for any organization of any size, sector, and IT usage.
Benefits: You can define responsibility for the risks and activities related to IT to an individual or department with ISO/IEC 38500. You can assign and monitor IT security duties, tactics, and actions. It enables people to act and inform based on existing or future IT activities.
Challenges: ISO/IEC 38500 imposes specific rules that you cannot apply to managers that handle outsourced IT projects. For such situations, include those clauses in the contracts with your external IT service providers. The catch is, you cannot use ISO/IEC 38500 in place of COBIT, ITIL, or other governance standards. However, you can use the governance framework to assist them in meeting the IT demands.
To view the original article in full, visit the following link: https://www.vanharen.net/blog/isoiec-38500-for-it-governance-in-3-minutes/