THIS CHAPTER DISCUSSES information security governance. It also discusses information security policies. An organization’s governance structure is an important part of its information security program. Governance focuses on the structure used to protect resources and data. This structure must support business needs and provide security. Strong governance helps create strong security programs.
Organizations use policies, standards, guidelines, and procedures to create their security program. These documents help guide employee conduct and state the organization’s rules for how information technology resources are secured. They also help protect an organization from legal liability.
Chapter 13 Topics
This chapter covers the following topics and concepts:
Chapter 13 Goals
When you complete this chapter, you will be able to: