You have been asked to establish a security governance program for an organization that currently lacks formal security oversight. How would you structure this program, what key components would you include, and how would you gain organizational buy-in?

Question

Accepted Answer

Establishing a security governance program requires building structures that provide oversight, accountability, and direction for information security across the organization.

You have been asked to establish a security governance program for an organization that currently lacks formal security oversight. How would you structure this program, what key components would you include, and how would you gain organizational buy-in?

Sample answer preview

Unlock the full answer