Information Security Governance
The NIST Security Handbook states that governance is highly dependent on the overall organization structure.Centralized maintain budget control and ensure implementation and monitoring of information security controls.Decentralized have policy and oversight responsibilities and budget responsibilities for their departmental security program not the operating unit information security program.Reporting structures are different as well.Governance structures can be hybrid, with a combination of characteristics from both centralized and decentralizedDiscuss why Security Governance should use the stated structures. Provide a simple case study that in where an organization can benefit from such controls. Do you think all organizations follow this principle?
Our experts will write you a top-quality paper and revise it an unlimited number of times until you're 100% satisfied - or offer a refund.