Security
THE PRINCIPLES OF GOVERNANCE
Kevin Henry
CISSP-ISSAP, CISM, CISA, GSEC
kevinmhenry@msn.com
Agenda
The Importance of
Defining Security Governance
Governance
https://dictionary.cambridge.org/dictionary/english/governance
Purpose of Governance
The purpose of corporate governance is to facilitate effective,
entrepreneurial and prudent management that can deliver the
long-term success of the company.
https://www.icaew.com/technical/corporate-governance/principles/principles-articles/does-corporate-governance-matter
Corporate Governance
Corporate governance is the process and rules under which a
company is managed on the behalf of shareholders and
stakeholders. The board of directors is primarily responsible for
applying and maintaining a company's corporate governance.
https://investinganswers.com/dictionary/c/corporate-governance
Characteristics and Terms Used with Governance
Common Elements: Oversight, Actions, Compliance, Performance, Culture, Reporting
Governance Influencers
Competitors, Bankers, Standards, Employees, Shareholders, Management, Customers
IT Governance
The management of IT services in support of business
objectives and strategy.
Security Governance
The responsible implementation of Security principles
and activities to support business strategy and mission.
Governance Elements
Corporate Governance
Financial Governance, IT Governance, Security Governance
Strategic Objectives
Performance Measurements
Key Points Review
Governance is an important foundation for a successful organization
It sets out the behaviors and actions of each part of the organization
Security Governance is a subset of Corporate governance
Governance and Accountability
Accountability
Responsible, Accountable, Consulted, Informed
Example of Roles: Information Security Policy