Security governance is the collection of practices related to supporting, defining, and directing the security efforts of an organization. Security governance principles are often closely related to, and intertwined with, corporate and IT governance.
The figure below explains the responsibilities and priorities of the governance committee and also discusses the need/driving factors for security governance. This is a top-down approach to enterprise governance.
In our next blog, I will discuss the roles and responsibilities of the CISO/CSO/ISO and the elements of “Designing Security Framework”.