ISO/IEC 38500:2008: Corporate governance of information technology

·  Acquire IT acquisitions and investments in a proper and valid way.

·  Corporate and IT strategy should be clearly aligned.

·  Ensure compliance with rules for all IT activities.

·  Ensure performance of IT is delivered when required.

·  Ensure respect and consideration for human factors in IT policies and practices.

·  Ensure that IT responsibilities are clearly established.