ISO/IEC 38500 provides principles, definitions, and a model to help the governing bodies understand the importance of Information Technology (IT).This standard is intended to help all types of organizations in evaluating, directing...
ISO 31000 specifies principles and guidelines for risk management for identifying, assessing and mitigating risks faced by organizations. It recommends organizations to develop, implement and continuously improve a framework that aims to...