ISO/IEC 38500: FOUNDATION
The ISO/IEC 38500: Foundation course provides a comprehensive introduction to corporate governance of information technology (IT) based on ISO/IEC 38500, the international standard that offers guiding principles for effective, responsible, and ethical governance of IT. ISO/IEC 38500 is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The standard is designed primarily for boards, executive management, and senior leaders, but is also highly relevant to governance, risk, compliance, audit, and IT management professionals who support decision-making at the highest levels. This Foundation-level course introduces the principles, model, and governance framework of ISO/IEC 38500, focusing on how organizations can ensure that IT supports business objectives, delivers value, manages risk, and complies with obligations. Course Objectives By the end of this course, participants will be able to: Understand the purpose and scope of ISO/IEC 38500 Explain the concept of corporate governance of IT Understand the roles and responsibilities of governing bodies and management Describe the ISO/IEC 38500 governance model Explain the six principles of effective IT governance Recognize how ISO/IEC 38500 supports value creation, risk management, and compliance
Course Curriculum
1
- Definition of corporate governance of IT
- Importance of IT governance in modern organizations
- Governance vs management of IT
- Stakeholders in IT governance
2
- Purpose and scope of ISO/IEC 38500
- Intended audience and users
- Benefits of applying ISO/IEC 38500
- Relationship with other governance and management frameworks
3
- Governance system components
- Direct, Evaluate, and Monitor (DEM) model
- Alignment of IT with business objectives
- Accountability and decision-making structures
4
- Responsibilities of the governing body
- Responsibilities of executive management
- Role of IT management and assurance functions
- Delegation and accountability
5
- Responsibility
- Strategy
- Acquisition
- Performance
- Conformance
- Human Behaviour
6
- Translating principles into governance practices
- Policy setting and oversight
- Ensuring value delivery from IT investments
- Managing IT-related risks
7
- Governance oversight of IT risk
- Compliance with laws, regulations, and standards
- Role of audits and assurance
- Supporting transparency and accountability
8
- Relationship with enterprise governance
- Alignment with ISMS, IT service management, and GRC frameworks
- Supporting digital transformation and innovation
- Avoiding overlap between governance and management
9
- Governance indicators and reporting
- Monitoring IT performance and value
- Continuous oversight and improvement
- Management reporting to the governing body
10
- Common governance challenges
- Good practices and lessons learned
- Case study overview
- Preparing for advanced governance roles
11
- Review of ISO/IEC 38500 Foundation syllabus
- Sample questions and exam techniques
- Certification exam guidance
12
- Board members and executive management
- Governance, risk, and compliance (GRC) professionals
- CIOs, IT directors, and senior IT managers
- Internal auditors and assurance professionals
- Consultants supporting IT governance initiatives
- Professionals preparing for ISO/IEC 38500 Foundation certification
13
- No formal prerequisites
- Basic understanding of IT and organizational governance is beneficial
This course includes
- 13+ Activity Modules
- 40 hours + lessons
- Lifetime access
- Certificate of completion
- Available on desktop and mobile
Some of Our Partners
