Effective governance should be a cornerstone of security programs, and ineffective governance is the most common cause of failure. Security and risk management leaders need to implement governance capabilities that support accountability, authority, risk management and assurance.
Table of Contents
Implement Governance Processes and Activities That Support Accountability, Authority, Risk Management and Assurance
- Set and Manage Accountability and Decision Rights
- Decide Acceptable Risk
- Enable Risk Control
- Assure Control Effectiveness
Institute Appropriate Governance Roles and Forums
- The Executive Sponsor
- The Cybersecurity Steering Committee
- Midlevel Forums
- Cyber/Information Security Teams
Ensure That the Right People Are Involved in Governance Activities
- Implement Governance Processes and Activities That Support Accountability, Authority, Risk Management and Assurance
Gartner Recommended Reading