scope:

This International Standard provides guiding principles for members of governing bodies of organizations (including owners, directors, partners, executive managers, or similar) on the effective, efficient, and acceptable use of Information Technology (IT) within their organizations. It also provides guidance to those advising, informing, or assisting governing bodies. They include: - executive managers; - members of groups monitoring the resources within the organization; - external business or technical specialists, such as legal or accounting specialists, retail or industrial associations, or professional bodies; - internal and external service providers (including consultants); - auditors. This International Standard applies to the governance of the organization's current and future use of IT including management processes and decisions related to the current and future use of IT. These processes can be controlled by IT specialists within the organization, external service providers, or business units within the organization.