• Content Type

ISO/IEC 38506:2020
BS ISO/IEC 38506:2020

Information technology. Governance of IT. Application of ISO/IEC 38500 to the governance of IT enabled investments

Last updated: 18 Jul 2024

Development Stage

Pre-draft

Draft

Published

29 Feb 2020
published

Scope

What is ISO/IEC 38506 about?

ISO/IEC 38506 is an International Standard on the governance of Information technology that provides guidance on governance of IT-enabled investments to the governing body of all forms of organizations, whether private, public, or government entities, and will equally apply regardless of the size of the organization or its industry or sector.

ISO/IEC 38506 also provides guidance to other parties interacting with governing bodies such as project personnel, accountants, management consultants, investment portfolio managers and governance, support staff.

ISO/IEC 38506 does not prescribe or define specific management practices required for IT-enabled investments.

Who is ISO/IEC 38506 for?

ISO/IEC 38506 on governance of IT is relevant to:

  • IT industry
  • Public and private organizations
  • Investment portfolio management companies
  • Management consultants
  • Regulatory bodies

Why should you use ISO/IEC 38506?

Information Technology (IT) supports the core functions of all organizations, underpins the basis of almost all business activities and interfaces with customers and other stakeholders. Investments in IT enablement and the contribution of IT to the business capability and performance of the organization play a significant role in the achievement of strategic plans and the delivery of business value. ISO/IEC 38506 specifies effective governance of IT-enabled investments that will provide governing bodies with a better understanding of their obligations and derived to support the organization’s business opportunities and to appropriately mitigate the organization’s risk.

ISO/IEC 38506 ensures that IT governance delivers the promised benefits against the strategy at an agreed risk exposure and provides clarity between the business strategy and the IT strategy and initiatives.

ISO/IEC 38506 also provides guidance that can be applied in the due diligence process related to business acquisitions. Effective governance will proactively prevent or mitigate the IT aspects of the risk of such events occurring, for example, by addressing prolonged underinvestment.

ISO/IEC 38506 is beneficial as it allows organizations to improve cost savings, reduce redundancies and let customers fully benefit from new products or services. © British Standards Institution 2022

External Links

More information
BSI webpage

Let the community know

Categorisation

Domain: Financial services
Scope: AI-enabling - IT governance
Topic: Accountability, Organisational governance
Type: Process, management and governance

Key Information

Organisation: ISO/IEC, BSI
Committee: ISO/IEC JTC 1/SC 40
Relevant UK committee: IST/60/1

Referenced standards: ISO/IEC 38500:2015, ISO/IEC TS 38501:2015, ISO/IEC TR 38502:2017, ISO/IEC TR 38504:2016

Share on XShare on LinkedIn

Discussion Forum

  • Author
    Posts
  • 31 January 2023 at 3:45 pm
    Up
    0
    ::
    AI Standards Hub

    Share your thoughts on this standard with the AI Standards Hub community here.

  • Author
    Posts

You must be logged in to contribute to the discussion

Login
\\n\\t\\t\\t\\t-->