From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 1 Information Security Governance

Information security governance

- [Instructor] Information security governance is the set of practices and structures that an organization puts in place to ensure effective oversight of security activities. Governance is the responsibility of all levels of leadership within an organization, and it takes place outside of the security function. Leaders involved in security governance include the chief information security officer, the chief information officer, the chief executive officer, and even the board of directors. Everyone with a responsibility to protect the ongoing effectiveness of the organization plays an important role in the information security governance process. The IT Governance Institute outlines five important roles for information security governance. Security governance practices should align security strategy with the organization's business strategy. Everything that happens in an information security program should advance the…
