Governance and Compliance

Even in the best of situations, an organization can be challenged to provide evidence that policies are implemented, enforced, and working as designed. The process includes collecting, testing, and reporting evidence. This can be tiresome and time-consuming, especially when an organization struggles to address what may seem to be endless audit findings. These audits can lead to retesting and to the identification of more control deficiencies and risks.

Implementing a governance framework can allow the organization to identify and mitigate risks in an orderly fashion. Once in place, the ability to quickly respond to audit requests drastically improves. The framework provides the ability to measure risk in a few ways:

  • In the context ...

Get Security Policies and Implementation Issues, 3rd Edition now with the O’Reilly learning platform.