This document discusses governance models for technology and information systems. It introduces ISO standards for information security (ISO/IEC 27000) and corporate governance of information and communication technology (ISO/IEC 38500). It also discusses frameworks for IT governance and information systems auditing, including COBIT, CMMI, ITIL, and definitions of internal/external audits. The key standards and frameworks are introduced along with their purposes in governance, security, and auditing of technology and information systems.