Information Security Governance

The NIST Security Handbook states that governance is highly dependent on the overall organization structure.

  • Centralized maintain budget control and ensure implementation and monitoring of information security controls.
  • Decentralized have policy and oversight responsibilities and budget responsibilities for their departmental security program not the operating unit information security program. 
  • Reporting structures are different as well.
  • Governance structures can be hybrid, with a combination of characteristics from both centralized and decentralized

Discuss why Security Governance should use the stated structures. Provide a simple case study that in where an organization can benefit from such controls. Do you think all organizations follow this principle?

Complete Answer:

Get Instant Help in Homework Asap
Get Instant Help in Homework Asap
Calculate your paper price
Pages (550 words)
Approximate price: -
Open chat
1
Hello 👋
Thank you for choosing our assignment help service!
How can I help you?