The NIST Security Handbook states that governance is highly dependent on the overall organization structure.
Discuss why Security Governance should use the stated structures. Provide a simple case study that in where an organization can benefit from such controls. Do you think all organizations follow this principle?