CHAPTER

13

Information Security Governance

THE CHAPTER DISCUSSES INFORMATION SECURITY GOVERNANCE. It also discusses information security policies. An organization’s governance structure is an important part of its information security program. Governance focuses on the structure used to protect resources and data. This structure must provide security and support business needs. Strong governance helps create strong security programs.

Organizations use policies, standards, guidelines, and procedures to create their security program. These documents help guide employee “conduct. They’re tools that organizations use in many ways. They make sure that information technology resources are secured. They also help protect an organization from ...

Get Legal Issues in Information Security, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.