ISO/IEC 38500 is an international standard for Corporate governance of information technology published jointly by the International [Organization for Standardization] (ISO) and the [International Electrotechnical Commission] (IEC). It provides a framework for effective governance of IT to assist those at the highest level of organizations to understand and fulfil their legal, regulatory, and ethical obligations in respect of their organizations’ use of IT. The standard is heavily based on the AS 8015-2005 Australian Standard for Corporate Governance of Information and Communication Technology, originally published in January 2005.