CISM: Outcomes of Information Security Governance
Six basic outcomes of Information Security Governance:
- Strategic alignment
- Risk management
- Value Delivery
- Resource optimisation
- Performance measurement
- Assurance process integration
Strategic Alignment
- Ensures Policy Compliance
- Addresses Legislative Requirements
- Addresses Regulatory Requirements
Risk Management
- CISM: Risk Management
- Reducing uncertainty in business operations
Value Delivery
- Optimising Security investments to support business objectives
- Set of security practices or baseline security requirements
- Prioritise greatest impact and business benefit
- Use standards-based solutions
- Optimising allocation of limited security resources
Performance Management
- Improving trust and customer relationships
- Improve Security Posture
- Improve maturity (CMMI)
- Safeguarding reputation
Assurance Process Integration
- Assurance process integration
- See CISM: Assurance Process Integration—Convergence