ISO/IEC 38500: The IT Governance Standard

In the twenty-first century, IT governance has become a much-discussed topic among IT professionals. It is not well understood by senior managers, company directors, board members and chairmen – which is a pity, because IT governance is a key topic for exactly these people.

The emergence of ISO/IEC 38500 – the international standard for the corporate governance of information and communication technology – puts boards around the world in a position from which they can take effective action to apply core governance principles to their information and communication technology.

This essential pocket guide will help you to understand both this new standard and the complex area of IT governance.

Key features of this pocket guide include:

• An overview of the ISO/IEC 38500 standard
• Framework for good IT governance
• Project governance
• The Calder-Moir Framework

About the Author

Alan Calder is a leading author on IT governance and information security issues. He is chief executive of IT Governance Limited, the one-stop shop for books, tools, training and consultancy on Governance, Risk Management and Compliance. He is also Chairman of the Board of Directors of CEME, a public-private sector skills partnership.

Alan has written extensively on issues of IT governance. Books on the subject that are currently in print include IT Governance: Guidelines for Directors, IT Governance: A Practitioner’s Handbook and a series of IT governance-related pocket guides, known as the IT Governance Triptych.

Alan is also an international authority on ISO27001 (formerly BS7799), the international security standard, about which he wrote, with colleague Steve Watkins, the definitive compliance guide, IT Governance: A Manager’s Guide to Data Security and BS7799/ISO17799. This work is based on his experience of leading the world’s first successful implementation of BS7799 (with the fourth edition published in May 2008) and is the basis for the UK Open University’s postgraduate course on information security.

Other books written by Alan include The Case for ISO27001 and ISO27001 – Nine Steps to Success.

Alan is a frequent media commentator on information security and IT governance issues, and has contributed articles and expert comment to a wide range of trade, national and online news outlets.

Alan was previously CEO of Wide Learning, a supplier of e-learning; of Focus Central London, a training and enterprise council; and of Business Link London City Partners, a government agency focused on helping growing businesses to develop. He was a member of the Information Age Competitiveness Working Group of the UK Government’s Department for Trade & Industry, and was until recently a member of the DNV Certification Services Certification Committee, which certifies compliance with international standards including ISO27001.