Governance of data — Part 2: Implications of ISO/IEC 38505-1 for data management.
The True Purpose of the Standard
If your team is reviewing an ISO 38505 document to build an enterprise framework, follow these strategic steps for deployment:
Step 1: Secure Executive Sponsorship
ISO/IEC 38505 provides a strategic framework for data governance, focusing on aligning data usage with business goals, compliance, and risk management. Experts regard it as a "North Star" standard that, while resource-intensive, establishes consistent, global benchmarks for data accountability and security. More details on this standard can be found at: Sogeti Labs; Kemp IT Law; Applying ISO Standards to Strengthen Data Governance.
It helps unlock hidden value by treating data as a balance-sheet asset rather than a liability or technical byproduct.
ISO 38505 is an international standard that provides guidelines for the governance of IT-enabled business change. It was published in 2017 by the International Organization for Standardization (ISO) and is designed to help organizations ensure that their IT-enabled business changes are aligned with their strategic objectives, and that the risks associated with such changes are properly managed.
You can download the ISO 38505 standard in PDF format from the official ISO website or other online platforms that sell international standards.
ISO/IEC TS 38505-3:2021 (Guidelines for Data Classification)
Individuals and teams must understand their responsibilities regarding data.
based on the six governance principles mentioned in the standard?
The ISO/IEC 38505 series focuses on the , providing a framework for governing bodies to evaluate, direct, and monitor how data is handled within an organization. A "complete feature" based on this standard would likely be an Automated Data Accountability & Classification Dashboard. More details on this standard can be found
┌────────────────────────────────────────┐
│                EVALUATE                │
│  (Assess current & future data usage)  │
└───────────────────┬────────────────────┘
                    │
                    ▼
┌────────────────────────────────────────┐
│                 DIRECT                 │
│  (Assign policies & responsibilities)  │
└───────────────────┬────────────────────┘
                    │
                    ▼
┌────────────────────────────────────────┐
│                MONITOR                 │
│ (Track compliance & asset performance) │
└───────────────────┬────────────────────┘
                    │
                    └─────── (Loop back to Evaluate)

1. Evaluate
The Complete Guide to ISO 38505: Data Governance and the Future of Corporate Data Assets
Operational execution, architecture, database design, and ingestion. Board of Directors, C-Suite, Chief Data Officers (CDOs). CISOs, Security Teams, IT Auditors.
Build a cross-functional team featuring data protection officers, IT managers, legal counsel, and business unit leaders.
The governing body establishes strategies, policies, and cultures that dictate acceptable data behavior. This ensures operational teams align with corporate objectives.