IT governance is a subset of corporate governance. It is a mechanism for aligning IT’s strategy with that of the business. Many organisations implement an IT governance framework due to stakeholder pressure, or to ensure compliance with regulations governing things such as data protection, financial accountability, and data retention.

But how many professionals employ the guidance in the ISO/IEC 38500 family of standards? Many organisations probably use it as a source of best practice information, but as there isn’t an organisational certification scheme like those for other International Standards such as ISO 9001, adherence to the guidance is probably not that great.

Don’t get me wrong, the ISO/IEC 38500 standard is great. ISO and IEC have been great in leading the way for best practice for IT governance. It’s just, don’t we need a scheme that ensures adherence to the standard? Don’t our customers deserve and expect better?

I think they do.

To get an overview of the ISO/IEC 38500 standard, read A Guide to ISO/IEC 38500:2015 Governance of IT.

