To implement the ISO 38500 standard a system to direct and control the current and future use of IT is required. The system comprises controls and processes to achieve the strategic objectives set by the organisation's governing body. A few choices are available

COBIT is a popular IT management framework that defines both processes and controls. In many respects its purpose is similar to ISO 38500 as it also aims to enable better governance of information technology so that the organisational objectives are achieved.

iso 38500 modelAt the centre of ISO 38500 is a framework of 6 principles. To implement these principles it is easiest if they are mapped to the COBIT process model and through the execution of these processes ISO 38500 becomes effective.

The advantage of using a process framework like COBIT is that it groups related IT activities in processes that have a life-cycle and are focused on achieving specific outcomes. Through cascading the organisation's business objectives down to the IT processes you are able to align day to day activities with the organisation's stakeholder expectations.

Roles, responsibilities and decision-rights at the process level can be aligned with the business goals. Governance mechanisms such as job descriptions and contracts can be crafted to support the achievement of specific outcomes. Performance measures can be fine tuned to drive the required behaviour. Over time, controls are implemented to manage risk and capability is developed so the organisation is better able to perform as expected.

POPI Capability Assessments

COBIT 5 capability assessments are highly subjective and depend entirely on the assessor's IT knowledge and experience.

The ITGN has the skill, experience and tools needed to ensure reliable results. Read more...

POPI Management System

Improve your IT organisation's efficiency and effectiveness with a management system to coordinate and continuously improve the operational practices.


POPI Expertise

IT governance experts are available to assist establish, implement and improve the governance of IT based on the ISO 38500 standard and COBIT 5 good practices.


Go to top