ISO/IEC 38505 provides guidance for governing the use of data and analytics in support of organizational decision-making. Below is a concise, shareable post you can use to inform colleagues or publish on internal channels, with a note that a PDF version is available.
Key points
Call to action
Short post version (for social/internal sharing) ISO/IEC 38505 offers board-level guidance for governing data analytics — ensuring alignment with strategy, accountability, transparency, data quality, ethical use, and risk management. Download the PDF to build a robust analytics governance program that improves decision-making and reduces analytics-related risks.
Related search suggestions (Invoking related search terms tool...)
The ISO/IEC 38505 series focuses on the governance of data, providing a framework for governing bodies to evaluate, direct, and monitor how data is handled within an organization. A "complete feature" based on this standard would likely be an Automated Data Accountability & Classification Dashboard.
Below is a breakdown of how such a feature would look, grounded in the standard's core components: 1. Unified Data Accountability Map
Building on ISO/IEC 38505-1, this feature would provide a high-level strategic view of the data portfolio.
Strategic Alignment: Links data assets directly to business goals, ensuring every data set serves a clear purpose.
Responsibility Tracking: Explicitly maps which roles are accountable for specific data sets, moving beyond simple management to true governance oversight. 2. Intelligent Data Classification Engine
Following the guidelines in ISO/IEC TS 38505-3, this component automates the labeling of data based on three critical factors:
Value: Identifies the business worth of the data to prioritize protection resources.
Sensitivity: Automatically flags PII (Personally Identifiable Information) or proprietary secrets.
Risk: Assesses the potential impact of data loss or misuse, aligning with broader risk management frameworks like ISO 27001. 3. "Evaluate, Direct, Monitor" (EDM) Workflow
The feature should embed the standard's core governance model into daily operations: ISO/IEC 38505-1:2017(en), Information technology
Some standards bodies sell “handbooks” or “implementation guides” that explain the standard in 50–200 pages. For example:
You may also find conference papers, theses, or consulting whitepapers analyzing ISO 38505 in depth (search Google Scholar for "ISO 38505" data governance governance report).
ISO 38505 is the bridge between technical data management and corporate governance. It ensures that data is not just a byproduct of business operations, but a strategic asset managed with care and foresight.
Whether you are a C-level executive or a compliance manager, familiarizing yourself with ISO 38505 is essential. And as you build your governance framework, remember to treat your documentation with the same respect you treat your data—secure it, sign it, and preserve it, preferably in a secure PDF format.
Have you implemented ISO 38505 in your organization? What challenges did you face in getting the board to engage with data governance? Let us know in the comments below!
ISO/IEC 38505 series provides a comprehensive framework for the governance of data
. It extends the general IT governance principles of ISO/IEC 38500 to specifically address data as a strategic organizational asset. Sogeti Labs Core Standard Components
The series is divided into three primary parts, which can be accessed through the Official ISO Store ISO/IEC 38505-1 (2017): Application of ISO/IEC 38500 to the governance of data. ISO/IEC TR 38505-2 (2018): Technical report on the application of data governance. ISO/IEC TS 38505-3 (2021): Guidelines for data classification. www.wd-cert.com 🏗️ Governance Model & Features
The standard focuses on a high-level, principles-based approach to help governing bodies evaluate, direct, and monitor iTeh Standards Key Governance Principles Responsibility: Assigning clear accountability for data. Aligning data usage with organizational goals. Acquisition: Governance of how data is created or collected. Performance: Ensuring data adds measurable value. Conformance: Meeting legal and regulatory obligations. Human Behavior: Considering the impact of data on people. ISO - International Organization for Standardization Data Accountability Map
The standard identifies specific lifecycle stages where governance must be applied: ISO - International Organization for Standardization Directing how data enters the system. Governing security and persistence. Ensuring accuracy in data presentation. Using data ethically for decision-making. Distribute: Managing how data is shared externally. Securely removing data when no longer needed. 🛠️ Practical Implementation
Organizations use this standard to move from reactive management to proactive governance. Data Classification:
Part 3 provides specific guidance on managing value, sensitivity, and risk through classification. iTeh Standards Efficiency Gains:
Implementation can improve data processing efficiency by up to 40% through standardized procedures. Nemko Digital Audit Readiness: Tools like the ISO 38505 Toolkit
provide templates for ownership, stewardship, and risk reporting. it-toolkits.org Quick Summary:
ISO/IEC 38505 is not about the technical "how-to" of databases, but about the strategic oversight
of data to ensure it is used effectively, ethically, and legally. Sogeti Labs draft a policy based on these principles, or are you looking for a to evaluate your current data governance maturity? international standard iso/iec 38505-1
Think of ISO/IEC 38505 as the "instruction manual" for the people at the very top of an organization—the board and executives—to make sure they aren't just letting data sit in a basement, but are actually treating it as a valuable (and risky) asset.
While a "PDF" of the standard itself is a copyrighted document you usually have to buy, 🧩 What is ISO 38505?
It is a global framework for the Governance of Data. Unlike technical standards that tell IT how to encrypt a database, this one tells leaders how to decide what should happen to data.
The Goal: Aligning your data strategy with your business goals while keeping regulators happy.
The Relation: It’s a "child" of ISO/IEC 38500, which covers general IT governance. 🏗️ The Core Framework: EDM
The standard relies on the Evaluate, Direct, and Monitor (EDM) model to keep data under control:
Evaluate: Leaders look at the current and future use of data. Is it helping us make money? Is it a liability?
Direct: They set the policies and strategies. "This is how we will use data, and these are the ethical lines we won't cross."
Monitor: They check in to ensure the rules are actually being followed and that the data is performing as expected. ⚖️ Why You’d Want the PDF
If you are working in a corporate or legal capacity, the ISO/IEC 38505-1:2017 document provides the formal structure needed to:
Achieve Compliance: It helps you build a system that naturally fits with laws like GDPR or CCPA.
Manage Accountability: It clarifies who is actually "on the hook" if data is mismanaged across its entire lifecycle.
Bridge the Gap: It acts as a translator between the "tech speak" of IT and the "business speak" of the boardroom. 🛠️ Key Implementation Pillars
When you dive into the standard, it asks you to look at data through six specific lenses: Responsibility: Who owns the data? Strategy: Why are we even collecting this? Acquisition: How are we getting it? Performance: Is the data actually useful? Conformance: Are we following the law? Human Behavior: How are our employees treating the data? 📂 Where to find it
Since it is a protected international standard, you can't officially download it for free. You can find the official copy and previews at: The ISO Store for the primary 38505-1 document.
Compliance platforms like Nemko which offer deep dives into how it helps with modern regulations.
Are you looking to implement this for a specific industry, or do you need a comparison with other standards like ISO 27001?
ISO/IEC 38505-1:2017 - Information technology — Governance of IT iso 38505 pdf
ISO/IEC 38505 provides a strategic framework for data governance, focusing on aligning data usage with business goals, compliance, and risk management. Experts regard it as a "North Star" standard that, while resource-intensive, establishes consistent, global benchmarks for data accountability and security. More details on this standard can be found at Sogeti Labs Kemp IT Law Applying ISO Standards to Strengthen Data Governance
Understanding ISO 38505: A Comprehensive Guide to IT Asset Management
In today's digital age, organizations rely heavily on information technology (IT) to drive business success. As a result, managing IT assets effectively has become a critical aspect of ensuring operational efficiency, reducing costs, and mitigating risks. One key standard that helps organizations achieve these goals is ISO 38505, a widely adopted international standard for IT asset management. In this article, we will explore the ins and outs of ISO 38505, its benefits, and how to implement it, with a focus on the ISO 38505 PDF.
What is ISO 38505?
ISO 38505 is an international standard published by the International Organization for Standardization (ISO) that provides guidelines for IT asset management. The standard was first published in 2015 and was revised in 2022. It provides a framework for organizations to manage their IT assets throughout their entire lifecycle, from acquisition to disposal.
The standard is designed to help organizations:
Key Components of ISO 38505
The ISO 38505 standard consists of several key components, including:
Benefits of Implementing ISO 38505
Implementing ISO 38505 offers numerous benefits to organizations, including:
How to Implement ISO 38505
Implementing ISO 38505 requires a systematic approach, including:
The ISO 38505 PDF
The ISO 38505 PDF is a valuable resource for organizations looking to implement the standard. The PDF provides a comprehensive overview of the standard, including its key components, benefits, and implementation guidelines.
Some key features of the ISO 38505 PDF include:
Conclusion
In conclusion, ISO 38505 is a valuable standard for organizations looking to improve their IT asset management practices. By implementing the standard, organizations can optimize IT asset utilization, reduce costs, and mitigate risks. The ISO 38505 PDF is a comprehensive resource that provides guidelines, best practices, and examples for implementing the standard. Whether you're an IT professional, a manager, or a stakeholder, understanding ISO 38505 and its benefits can help you drive business success.
Additional Resources
For more information on ISO 38505 and IT asset management, we recommend the following resources:
By leveraging these resources, organizations can take the first step towards improving their IT asset management practices and achieving operational efficiency, cost savings, and risk mitigation.
I’m unable to provide a direct PDF download or full report text for ISO 38505 (which covers data governance, part of the ISO 38500 series), as it is a copyrighted standard that must be purchased from authorized standards bodies like ISO, IEC, ANSI, or your national standards agency.
However, if you need a long report or detailed summary of ISO 38505 (particularly ISO/IEC 38505-1:2017 – Governance of data), here’s what you can do:
Published as a Technical Specification (TS) in 2018, this part is more practical. It maps the governance objectives from Part 1 directly onto specific data management activities, such as:
Note: Part 2 is not a standalone document; it supplements Part 1. A complete “ISO 38505 PDF bundle” would include both.
In the modern corporate landscape, data is often described as the "new oil." However, unlike oil, data is intangible, fluid, and incredibly difficult to govern. While most organizations have heard of ISO 27001 (Information Security) or ISO 27701 (Privacy), there is a critical standard that often flies under the radar: ISO 38505.
If you are searching for an "ISO 38505 PDF," you are likely looking to understand how to govern data effectively within your organization. In this post, we will explore what ISO 38505 is, why it matters, and how the ubiquitous PDF format plays a surprising role in data governance.
The standard introduces the “E-D-A” framework for governing data:
It also emphasizes six key principles for data governance:
Please don’t ask for or share unauthorized copies. Violating ISO copyright can lead to legal action, and free PDFs shared online often contain malware or outdated drafts.
Bottom line:
Would you like a detailed bullet-point outline of ISO 38505-1’s clauses (which you could turn into a long report on your own), or help with a literature search for academic analysis papers on this standard?
Title: ISO 38505:2017 - Governance of IT - Guide to governance of high-impact systems
Publication Date: 2017
Summary: This standard provides guidance on the governance of high-impact IT systems, which are systems that have a significant impact on an organization's operations, finances, or reputation. The standard aims to help organizations ensure that their IT systems are aligned with their overall strategy and goals, and that they are managed and used effectively.
Key Features:
Benefits: Implementing the guidelines and principles outlined in ISO 38505 can help organizations:
Who can benefit: This standard is relevant to:
You can download the ISO 38505 PDF from the official ISO website or other authorized sources.
Would you like to know more about a specific aspect of the standard?
You're looking for a full report on "ISO 38505 PDF". Here's what I found:
Overview
ISO 38505 is an international standard published by the International Organization for Standardization (ISO) that provides guidelines for the governance of IT-enabled investment in an organization. The standard aims to help organizations make informed investment decisions in IT-enabled projects, programs, and portfolios.
Full Title
The full title of the standard is "ISO 38505-1:2017 Information technology — Governance of IT-enabled investment — Part 1: Framework and principles".
Scope
The standard provides a framework for the governance of IT-enabled investment, which includes:
Key Principles
The standard is based on several key principles, including: Informative Post: ISO/IEC 38505 — Governance of Data
Benefits
The benefits of implementing ISO 38505 include:
PDF Availability
You can download a PDF copy of the ISO 38505 standard from the official ISO website or other online platforms that sell international standards. Here are a few options:
Summary
In summary, ISO 38505 provides a framework for the governance of IT-enabled investment, which helps organizations make informed investment decisions and ensure that IT-enabled investments deliver expected value. The standard is based on key principles such as alignment with organizational objectives, transparency and accountability, risk management, and value realization. You can download a PDF copy of the standard from various online platforms.
ISO/IEC 38505 is a high-level, principles-based standard designed to guide governing bodies on the effective, efficient, and acceptable use of data within their organizations. It defines data governance as a subset of IT governance, which in turn is a domain of overall corporate governance. Understanding the ISO 38505 Series
The standard is split into two primary parts that work together to bridge the gap between high-level oversight and day-to-day management:
ISO/IEC 38505-1:2017: Applies the principles of ISO/IEC 38500 to data, focusing on six core principles: Responsibility, Strategy, Acquisition, Performance, Conformance, and Human Behavior.
ISO/IEC TR 38505-2:2018: Provides a "Technical Report" on the implications of Part 1 for data management, offering a checklist of considerations to help translate governance strategy into practical policies. Core Governance Pillars
The framework evaluates data across three specific dimensions to ensure it remains a strategic asset rather than a liability:
Value: Focusing on data quality, timeliness, and context to ensure it is fit for purpose.
Risks: Implementing classification schemes and security protocols to mitigate data-related threats.
Constraints: Ensuring all data use aligns with legal, regulatory (like GDPR), and societal requirements. The Data Accountability Map
A key technical contribution of ISO 38505 is the Data Accountability Map, which tracks accountability across the entire data lifecycle:
Part 1: Application of ISO/IEC 38500 to the governance of data
The ISO/IEC 38505 series is widely regarded by industry experts as a critical "north star" for organizations seeking to elevate data management into strategic data governance [10, 11]. Unlike operational frameworks that focus only on technical execution, this standard provides a high-level, principles-based advisory for governing bodies to effectively evaluate, direct, and monitor data use [16, 17]. Key Highlights of the ISO/IEC 38505 Series
Strategic Alignment: It bridges the gap between high-level IT governance and daily operations, ensuring data initiatives directly support organizational goals [9, 11].
Risk vs. Value Balance: The framework helps boards maximize the value of their data assets while strictly controlling associated risks, such as privacy and security [12, 16].
Comprehensive Coverage: It applies to all organizations—public, private, or non-profit—regardless of size or their current level of data dependency [8, 17].
Complementary Nature: It works seamlessly with other popular frameworks. For instance, many organizations use ISO 38505 for visionary oversight while utilizing DAMA-DMBOK to manage technical processes [10, 11]. Series Overview Primary Focus
The Strategic Governance of Data: An Analysis of ISO/IEC 38505
In the modern digital economy, data has transitioned from a byproduct of business processes to a primary strategic asset. As organizations grapple with increasing volumes of information and tightening regulatory frameworks, the need for a structured approach to data management has become paramount. ISO/IEC 38505, titled "Information technology — Governance of IT — Governance of data," provides a comprehensive framework designed to help governing bodies ensure that their organization's use of data is effective, efficient, and acceptable. The Relationship Between IT and Data Governance
ISO/IEC 38505 is an extension of the foundational ISO/IEC 38500 standard, which outlines the principles for the corporate governance of information technology. While IT governance focuses on the systems and processes that manage information, ISO/IEC 38505 specifically addresses the data itself. It acknowledges that while IT provides the "plumbing," the data flowing through those pipes carries the actual value and risk. By separating data governance from general IT governance, the standard allows leaders to focus on the unique lifecycle of data—from collection and storage to use and eventual disposal. The Six Principles of Data Governance
The standard is built upon six core principles that guide the governing body’s decision-making process:
Responsibility: Assigning clear accountability for the management and use of data.
Strategy: Ensuring that data initiatives align with the overall business objectives.
Acquisition: Governing how data is collected, created, or purchased to ensure quality and legality.
Performance: Monitoring data-driven activities to ensure they deliver the intended value.
Conformance: Ensuring data usage complies with legal, regulatory, and internal policy requirements.
Human Behavior: Considering the impact of data use on individuals and society, emphasizing ethical considerations. The "Evaluate, Direct, Monitor" Model
ISO/IEC 38505 employs the EDM (Evaluate, Direct, Monitor) model to operationalize these principles. Under this framework, the governing body must first evaluate the current and future use of data, weighing risks against opportunities. They then direct the organization by setting policies and strategies that dictate how data should be handled. Finally, they monitor performance and compliance to ensure that the directives are being followed and that the data is serving the organization’s goals. Managing Data Accountability
A unique contribution of the ISO/IEC 38505 series (specifically Part 1 and Part 2) is the focus on data accountability. The standard provides a "Data Accountability Map" that helps organizations identify who is responsible for data at various stages of its lifecycle. This is particularly critical in the era of the General Data Protection Regulation (GDPR) and other privacy laws, where a lack of clear accountability can lead to significant legal and financial repercussions. Conclusion
ISO/IEC 38505 serves as a vital blueprint for any organization looking to move beyond technical data management toward true strategic data governance. By providing a common language and a structured methodology, it enables boards and executives to oversee data assets with the same level of rigor applied to financial or human resources. In an era where data integrity and ethics are central to brand reputation, adhering to this standard is not just a matter of compliance, but a cornerstone of sustainable business success.
The ISO/IEC 38505 standard provides a comprehensive framework for the governance of data, specifically addressing how organizations can treat data as a strategic asset while managing its inherent risks. Guide to ISO/IEC 38505: Data Governance 1. Core Principles of Data Governance
The standard identifies six primary principles that governing bodies must apply to their data assets:
Responsibility: Ensuring specific individuals or groups are accountable for data-related decisions.
Strategy: Aligning data usage with the organization's overall business goals.
Acquisition: Governing how data is collected, created, or purchased.
Performance: Monitoring data usage to ensure it delivers the expected value.
Conformance: Ensuring data practices comply with legal, regulatory, and internal policies.
Human Behaviour: Addressing the human element in data handling to maintain ethical standards. 2. Strategic Implementation Stages
Implementation typically follows three levels of enterprise interaction:
Executive Level: Sets the "North Star" or vision for data governance, defining risk appetite and value expectations.
Management Level: Develops the policies and frameworks to execute the executive vision.
Operations Level: Implements daily data management activities, including collection, storage, and processing. 3. Key Components of the Standard
The ISO 38505 series is divided into specific parts to address different governance needs:
Part 1 (ISO/IEC 38505-1): Focuses on the governance of data as a subset of IT governance, providing a "checklist of considerations" for governing bodies. Purpose: Helps boards and executives ensure data and
Part 2 (ISO/IEC TR 38505-2): A technical report that explains how to link business strategy to data management and establish actionable policies.
Part 3 (ISO/IEC TS 38505-3): Provides specific guidelines for Data Classification, a critical tool for managing security and regulatory requirements. 4. Actionable Checklist for Organizations To align with the standard, governing bodies should:
ISO/IEC PRF 38505-1 - Information technology — Governance of data
ISO/IEC 38505 is a multi-part international standard providing a framework for the governance of data
. It bridges the gap between high-level IT governance (defined in ISO/IEC 38500) and the practical management of data as a strategic asset. ISO - International Organization for Standardization Core Series Structure The series is currently divided into several key documents: ISO/IEC 38505-1:2017 (Part 1) : Focuses on the application of ISO/IEC 38500 principles
to data governance. It establishes the fundamental vocabulary and the "Data Accountability Map". ISO/IEC TR 38505-2:2018 (Part 2) : Provides technical guidance on the implications for data management
. It helps governing bodies evaluate, direct, and monitor data strategies. ISO/IEC TS 38505-3:2021 (Part 3) : Offers practical guidelines for data classification to support organizational policy. ISO - International Organization for Standardization The Data Accountability Map
The standard uses a lifecycle approach to ensure accountability across six primary data areas: ISO - International Organization for Standardization
ISO/IEC 38505-1:2017(en), Information technology — Governance of IT
ISO/IEC 38505 series provides a high-level, principles-based framework for the governance of data. It applies the core IT governance principles from ISO/IEC 38500 specifically to the lifecycle and strategic use of data. iTeh Standards The ISO/IEC 38505 Series Structure
The series is divided into three primary documents, each serving a distinct role in the data governance hierarchy: ISO/IEC 38505-1:2017 (Application of ISO/IEC 38500)
: This is the foundational standard. It defines data governance as a subset of IT governance and establishes six core principles: responsibility, strategy, acquisition, performance, conformance, and human behavior. ISO/IEC TR 38505-2:2018 (Implications for Data Management)
: This technical report provides guidance for governing bodies and executive managers on how the principles in Part 1 impact actual data management activities.
ISO/IEC TS 38505-3:2021 (Guidelines for Data Classification)
: This technical specification offers practical guidance on using data classification to manage the value, sensitivity, and risk of an organization's data portfolio. ISO - International Organization for Standardization Key Governance Principles
Organizations are encouraged to evaluate, direct, and monitor their data usage through these six lenses: Responsibility:
Establishing clear accountability for data-related decisions.
Ensuring data initiatives align with overall business objectives. Acquisition: Directing how data is systematically collected or procured. Performance: Monitoring the effectiveness and value generated by data. Conformance: Ensuring adherence to regulations like GDPR or CCPA. Human Behavior:
Considering the human and cultural factors in data handling. iTeh Standards Implementation and Compliance Target Audience
: The standard is applicable to all organizations—public, private, or non-profit—regardless of size. Lifecycle Focus
: It covers the entire data lifecycle: collect, store, report, decide, distribute, and dispose. Strategic Value
: Organizations implementing these standards report improved data quality, reduced compliance incidents, and faster decision-making cycles. ISO - International Organization for Standardization Accessing the PDF
Official versions of these standards are copyrighted and must typically be purchased through recognized national or international standards bodies. You can find official copies at: ISO Official Site ISO/IEC 38505-1 ISO/IEC TS 38505-3 BSI Knowledge BS ISO/IEC 38505-1 ANSI Webstore Standard Previews
are often available for free to review the scope and table of contents before purchase. gap analysis checklist
based on the six governance principles mentioned in the standard?
Part 1: Application of ISO/IEC 38500 to the governance of data
ISO/IEC 38505 is the premier international standard for the governance of data. It provides a high-level framework for governing bodies to evaluate, direct, and monitor the use of data within their organizations. In an era where data is often more valuable than physical assets, a secure and strategic "ISO 38505 PDF" has become a foundational document for executives and IT leaders worldwide. 📘 Understanding the ISO/IEC 38505 Series
The ISO 38505 series is part of the broader ISO/IEC 38500 family, which focuses on the governance of information technology (IT). While general IT governance covers hardware and systems, ISO 38505 drills down into the data itself as a strategic asset. The series currently consists of several key parts:
ISO/IEC 38505-1:2017: Application of ISO/IEC 38500 to the governance of data. This is the core document establishing principles and a model for data governance.
ISO/IEC TR 38505-2:2018: Implications for data management. This technical report provides guidance on how to translate governance principles into operational data management practices.
ISO/IEC TS 38505-3:2021: Data accountability map. This part focuses on maintaining oversight of the data portfolio and understanding the business context, value, and risks. 🏛️ Core Principles of ISO 38505
The standard adapts the six principles of ISO/IEC 38500 specifically for the data domain. These principles guide governing bodies in ensuring data is used effectively, efficiently, and acceptably:
Responsibility: Clear assignment of who is accountable for data assets.
Strategy: Aligning data use with the organization's business objectives.
Acquisition: Ensuring data is sourced ethically and legally.
Performance: Measuring how data use contributes to business success.
Conformance: Ensuring data practices follow laws, regulations, and internal policies.
Human Behavior: Acknowledging the impact of people on data quality and security. 🚀 Why Organizations Need the ISO 38505 Framework
Implementing this standard moves data from being a "IT problem" to a "business opportunity". Key benefits reported by organizations include:
🛡️ Risk Mitigation: Identifies and manages risks related to privacy, security, and regulatory compliance (like GDPR or HIPAA).
📈 Strategic Value: Helps leaders ask "big questions" about how data drives value and supports long-term growth.
⚙️ Operational Efficiency: Standardizes processes, which can lead to up to a 40% improvement in data processing efficiency.
🤝 Stakeholder Trust: Demonstrates a commitment to ethical data use, enhancing the reputation of the organization.
Part 1: Application of ISO/IEC 38500 to the governance of data
The ISO/IEC 38505 standard provides a comprehensive framework for governing data by aligning its use with strategic goals and risk appetite, featuring a Data Accountability Map for structured oversight. The framework covers the full data lifecycle across three parts, focusing on accountability, management, and classification to balance value extraction with regulatory constraints. Read the full ISO/IEC 38505-1 standard overview at ISO.org. ISO/IEC 38505-1:2017(en), Information technology
Understanding ISO/IEC 38505: The Global Standard for Data Governance
The ISO/IEC 38505 series is a critical international standard designed to guide governing bodies on the effective, ethical, and strategic use of data within their organizations. Often sought after as an ISO 38505 PDF, this document serves as a foundational roadmap for transforming data from a simple operational byproduct into a high-value strategic asset. What is ISO/IEC 38505?
ISO/IEC 38505 is part of the broader ISO/IEC 38500 family, which focuses on the corporate governance of information technology (IT). While ISO 38500 provides high-level principles for IT governance, ISO 38505 specifically applies those principles to data.
The standard is divided into several parts to address different aspects of governance: Data Governance Frameworks -The ISO 38505 - Sogeti Labs