ISO/IEC 38506:2020 信息技术 IT治理 ISO/IEC 38500在IT投资治理中的应用

标准编号：ISO/IEC 38506:2020

中文名称：信息技术 IT治理 ISO/IEC 38500在IT投资治理中的应用

英文名称：Information technology — Governance of IT — Application of ISO/IEC 38500 to the governance of IT enabled investments

发布日期：2020-02

标准范围

This document provides guidance on governance of IT enabled investments to the governing body
of all forms of organizations, whether private, public or government entities, and will equally apply
regardless of the size of the organization or its industry or sector. The terms business and business
outcome throughout this document include all forms of organization covered by this document.
The document also provides guidance to other parties interacting with governing bodies such as project
personnel, accountants, management consultants, investment portfolio managers and governance
support staff.
IT enabled investments within the scope of this document could be investments of any scale from
acquiring businesses to any business change incorporating IT, building new business services or
addressing effectiveness and efficiency gains in IT operational services to gain competitive edge,
whether those services are internal or provided by external parties.
Resource allocation for strategic innovation is addressed by providing guidance to the governing
body’s decision for investment resource allocation between short-, medium- and long-term innovation
projects.
This document also provides guidance that can be applied in the due diligence process related to
business acquisitions. This document may provide guidance on the application of the principles
documented in ISO/IEC 38500 for ranking IT enabled investments including assessing the value and
risks of IT elements in the context of investment banking or as performed by investment companies.
This document does not prescribe or define specific management practices required for IT enabled
investments.
ISO/IEC TS 38501 contains guidance on the implementation arrangement for the effective governance
of IT in general. The constructs in ISO/IEC TS 38501 can help to identify internal and external factors
relating to the governance of IT and to define beneficial outcomes and identify evidence of success.
ISO/IEC TR 38502 contains guidance on the integration between the governing body and management
of an organization in general.
This document is written in accordance with the principles of ISO/IEC TR 38504:2016.

标准预览图