Description of the ISO 38500 Corporate Governance of ICT Course

The ISO 38500 Corporate Governance of ICT standard outlines the requirements for IT governance. It is a high-level document that introduces the concepts of governance for ICT. This standard provides definitions, principles and a model useful for the implementation of IT governance. 


Proper corporate governance of IT assists the top level of management to ensure that IT use contributes positively to the performance of the organization, through:

  • appropriate implementation and operation of IT assets;
  • clarity of responsibility and accountability for both the use and provision of IT in achieving the goals of the organization;
  • business continuity and sustainability;
  • alignment of IT with business needs;
  • efficient allocation of resources;
  • innovation in services, markets, and business;
  • good practice in relationships with stakeholders;
  • reduction in the costs for an organization; and
  • actual realization of benefits from each IT investment.

Proper corporate governance of IT will also assist directors in assuring conformance with obligations (regulatory, legislation, contractual) concerning the acceptable use of IT. 


Participants will learn through discussion and practical examples how to implement IT governance in accordance with the ISO 38500 specification.

This seminar will assist delegates understand the six principles for good IT governance: 

Principle 1: Responsibility

  • Individuals and groups within the organization understand and accept their responsibilities in respect of both supply of, and demand for IT. 

Principle 2: Strategy

  • The organization’s business strategy takes into account the current and future capabilities of IT; the strategic plans for IT satisfy the current and ongoing needs of the organization’s business strategy.

Principle 3: Acquisition

  • IT acquisitions are made for valid reasons, on the basis of appropriate and ongoing analysis, with clear and transparent decision making. 

Principle 4: Performance

  • IT is fit for purpose in supporting the organization, providing the services, levels of service and service quality required to meet current and future business requirements.

Principle 5: Conformance

  • IT complies with all mandatory legislation and regulations. Policies and practices are clearly defined, implemented and enforced.

Principle 6: Human Behaviour

  • IT policies, practices and decisions demonstrate respect for Human Behaviour, including the current and evolving needs of all the ‘people in the process’.

Delegates will also learn more about how to integrate the implementation of ISO 38500 with other related initiatives.