标准摘要
[中文适用范围]: 管理机构应明确评估的范围、要求和目标。管理机构应确定需要 IT 管理评估结果或可能从中受益的利益相关者。对于这些利益相关者,在设计评估时应考虑他们的需求和期望。在确定评估的范围、重点和优先级时,应考虑评估对组织最重要的问题,以获得最大的利益并且不浪费资源。这可以考虑到对 IT 的运营依赖程度、保证投入的存在,以及对组织而言重要且优先的任何具体战略举措。 [外文原描述]: This document provides guidance on the assessment of governance of information technology (IT) based on the principles, definitions and model for the governance of IT outlined in ISO/IEC 38500 and ISO/IEC TR 38502 and the implementation considerations outlined in ISO/IEC TS 38501. This document includes approaches for conducting the assessment, the criteria against which the assessment can be made, guidance on the evidence that can be used for the assessment, as well as a method for determining the maturity of the organization’s governance of IT. This document is applicable to organizations of all sizes, regardless of the extent of their use of IT.
英文名称Information technology - Governance of IT - Assessment of the governance of IT