Information Security Governance

The NIST Security Handbook states that governance is highly dependent on the overall organization structure.

  • Centralized maintain budget control and ensure implementation and monitoring of information security controls.
  • Decentralized have policy and oversight responsibilities and budget responsibilities for their departmental security program not the operating unit information security program. 
  • Reporting structures are different as well.
  • Governance structures can be hybrid, with a combination of characteristics from both centralized and decentralized

Discuss why Security Governance should use the stated structures. Provide a simple case study that in where an organization can benefit from such controls. Do you think all organizations follow this principle?

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now