O'Reilly logo

Advanced Persistent Security by Araceli Treu Gomes, Ira Winkler

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8

Governance

Abstract

Security governance is the combined set of tools, personnel, and processes that provide for formalized risk management. It includes organizational structure, roles and responsibilities, metrics, processes, and oversight, as it specifically impacts the security program. While governance is embodied in a set of documents, specifically standards, guidelines, policies, and procedures, to have an effective security program, the appropriate resources need to be allocated, as defined within the governance.

Without the formalization, and especially the implementation of governance, a security program is an accident. It would otherwise rely upon having the appropriately skilled people running the program, who are allocated the ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required