ISO/IEC 38500:2008 provides guiding principles for directors, senior executives and top level management on the effective, efficient, and acceptable use of Information Technology within their organizations.