Lead SCADA Security  Training

ISO/IEC 38500 Lead IT Governance Manager

Master the principles and model of IT Governance based on ISO/IEC 38500

Course Description

ISO/IEC 38500 provides principles, definitions, and a model to help the governing bodies understand the importance of Information Technology (IT).This standard is intended to help all types of organizations in evaluating, directing and monitoring the use of Information Technology (IT), regardless of the degree of IT usage. It consists of management practices and decisions associated with the current and future use of IT. The purpose of this standard is to promote an effective, efficient and acceptable use of IT in all organizations by informing and guiding governing bodies in governing the IT use and establishing an IT governance vocabulary.

Who Should Attend

  • Managers or consultants responsible for ensuring good IT Governance within an organization and effective management of its risks
  • Expert advisors seeking to gain comprehensive knowledge of the key concepts and principles of IT Governance
  • Technical experts seeking to formalize, amend, and/or extend an organization’s IT-related objectives
  • Members of groups monitoring the resources within an organization
  • IT Governance and/or Information Security team members

Course Duration

Day 1: Introduction to IT Governance and ISO/IEC 38500

  • Course objective and structure
  • Normative frameworks for IT Governance
  • IT governance
  • ISO/IEC 38500 standard
  • IT Governance model
  • Responsibilities

Day 2: IT strategy and acquisition

  • Strategy
  • Strategic alignment through goal cascading
  • Changes in business strategy and barriers to strategic alignment
  • Strategic management
  • Acquisition
  • Manage & report IT investments and cost optimization
  • Value management

Day 3: Performance and risk management

  • Performance
  • Interoperability, standardization and economies of scale
  • Risk management as an integral part of performance
  • Risk management frameworks
  • Context establishment
  • Risk identification
  • Risk analysis
  • Risk evaluation
  • Risk treatment
  • Risk communication and review
  • Risk management approach to business resiliency

Day 4: Resource management, conformance and human behavior

  • Resource management – Introduction
  • Human resource management
  • IT resources planning methods
  • Data management and data governance
  • Record and monitor IT resource utilization and availability
  • Outsourcing
  • Outcome and performance measurement techniques
  • Conformance
  • Human behavior
  • Applying for certification and closing of the training

Day 5: Certification Exam


A fundamental understanding of ISO/IEC 38500 and comprehensive knowledge of IT Governance.