Information Security Governance

Please click here to view our partners website that specialise in this subject.

Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations.

• Develop the information security strategy in support of business strategy and direction.
• Obtain senior management commitment and support for information security throughout the enterprise.
• Ensure that definitions of roles and responsibilities throughout the enterprise include information security governance activities.
• Identify current and potential legal and regulatory issues affecting information security and assess their impact on the enterprise.
• Establish and maintain information security policies that support business goals and objectives
• Ensure the development of procedures and guidelines that support information security policies.
• Develop business case and enterprise value analysis that support information security programme investments