This position paper presents an overview of key insights on IT governance. The core concepts discussed in this paper are informed by ISO 38500, which is the internationally recognized standard that provides governing bodies and those who advise and assist them with guidance on how to effectively govern IT and meet compliance with their external regulatory obligations and internal policies. This standard, along with insights from pertinent academic and practitioner literature and subject matter experts, have informed the development of IVI’s IT-CMF Governance (GOV) Critical Capability
