TECHNICAL ISO/IEC TR REPORT 38505-2 First edition 2018-06 Information technology Governance of IT — Governance of data - Part 2: Implications of IS0/IEC 38505-1 for data management Technologies de I'information - Gouvernance des technologies de Iinformation Partie 2: Implications de I'IS0/IEC 38505-1 pour la gestion des donnees Reference number IEC IS0/IEC TR 38505-2:2018(E) os1 @ IS0/IEC 2018 IS0/IEC TR 38505-2:2018(E) COPYRIGHTPROTECTEDDOCUMENT IS0/IEC 2018 All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either IsO at the address below or Iso's member body in the country of the requester. ISO copyright office CP 401 : Ch. de Blandonnet 8 CH-1214 Vernier, Geneva Phone: +4122 749 0111 Fax: +41 22 749 09 47 Email: [email protected] Website: www.iso.org Published in Switzerland ii @ IS0/IEC 2018 - All rights reserved IS0/IEC TR 38505-2:2018(E) Contents Page Foreword ..iv Introduction ..V 1 Scope. ..1 2 Normative references ..1 3 Terms and definitions ..1 4 Governance and management roles .2 4.1 General .2 4.2 The governance role. ..2 4.3 The management role .4 5 Connecting business strategy to data management .5 6 Establishing policies through the checklist of considerations .7 Annex A (informative) Example worksheets ..10 Annex B (informative) Applying the guidance - example coffee shop. .18 Annex C (informative) Case study example - travel service company. ..22 Annex D (informative) Case study example - China financial industry. ..25 Annex E (informative) Case study example - air transport IcT company ..30 Bibliography .36 IS0/IEC 2018 - All rights reserved ii