CHAPTER 15: GOVERN AND ASSURE
Validate your security efforts, make corrections and improvements where possible, and ensure ongoing board-level oversight of and commitment to cyber security.
The final CRF control category, ‘govern and assure’, comprises activities that ensure and demonstrate an ongoing and organisation-wide commitment to security. Governance is about ensuring the project is suitably overseen, and assurance is about providing evidence to the oversight authority (both internal and external, where necessary) so they can make sensible, reasoned decisions about it. More concretely, that might mean making your chosen cyber security processes part of a larger structure, with clear governance lines (see 15.4) and visible board-level ...
Get The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks now with the O’Reilly learning platform.