International framework for the effective, responsible and business-aligned governance of information technology use.
ISO/IEC 38500:2024 is the international standard that sets principles and guidelines for Information Technology (IT) governance, aimed at governing bodies, boards, and senior management.
Governance Focus: The standard providing a framework for evaluating, directing, and monitoring the current and future use of IT, ensuring that technological decisions align with business strategy, risk management, regulatory compliance, and the organization's ethical values.
Core Principles: ISO/IEC 38500 is based on six key principles: responsibility, strategy, acquisition, performance, conformance, and human behavior, enabling informed and traceable decision-making regarding IT investments and use.
Objective: To ensure that technology delivers value, optimizes resources, controls risks, and effectively supports the achievement of organizational goals.
Scope: Applicable to all public and private organizations, including non-profits, of any size and industry, regardless of their level of technological dependency.
CyberHub Proposal: We assist organizations in evaluating their IT governance model, identifying gaps, and defining a governance framework aligned with ISO/IEC 38500, integrated with standards such as ISO 27001, ISO 20000-1, business continuity, and corporate governance.
