|
ISO/IEC 38500 is an international standard for Corporate governance of information technology published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It provides a framework for effective governance of IT to assist those at the highest level of organizations to understand and fulfill their legal, regulatory, and ethical obligations in respect of their organizations’ use of IT. ISO/IEC 38500 is applicable to organizations of all sizes, including public and private companies, government entities, and not-for-profit organizations. This standard provides guiding principles for directors of organizations on the effective, efficient, and acceptable use of Information Technology (IT) within their organizations. It is organized into three prime sections, specifically, Scope, Framework and Guidance 〔(The ISO 38500 IT Governance Standard ).〕 The framework comprises definitions, principles and a model. It sets out six principles for good corporate governance of IT: * Responsibility; * Strategy; * Acquisition; * Performance; * Conformance; * Human behaviour. It also provides guidance to those advising, informing, or assisting directors. ==See also== * Data governance * Corporate governance of information technology * ISO/IEC JTC 1/SC 40 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「ISO/IEC 38500」の詳細全文を読む スポンサード リンク
|