5.2 Technology Management and Governance

As indicated, there are a variety of national and international regulations, along with various regulatory agencies. Later, we will go into some detail about how these fit into the information security management processes (specifically, risk assessment and risk management), along with the criteria used to help managers comply with regulations and laws, as well as to help ensure that the organization is well managed from a security standpoint. At this stage, we will try to bridge those two aspects of managing securely by briefly discussing management and governance.

Earlier, we defined governance, and previously we gave a summary of organizational and managerial rights and duties. Putting these two concepts ...
