Answers
Governance is the set of responsibilities and practice exercised by those responsible for an enterprise with the goal of providing strategic direction ensuring that objective is are achieved ascertaining that risk are managed appropriately and verifying that enterprise's resources are used responsibly. Management process is the output from the governance process.
Corporate governance –An internal system encompassing policies processing and people which serves the needs of stakeholders and other stakeholders by directing and controlling management activities , with good business savvy , objectivity , accountability and integrity. Corporate governance is reliant on external Marketplace commitment and legislation , plus a healthy board culture which safeguards policies and processes. Corporate government is the combination of rules process or law by which businesses are operated regulated or controlled. Corporate governance is the collection of mechanisms process and relations used by various parties to control and operate corporations .
The board of directors is responsible for creating the Framework for corporate governance that best aligns business conduct with objectives . The main pillars of corporate governance are rules of law moral integrity , transparency , participation , responsibility and accountability , effectiveness and efficiency . The fundamental objective of corporate governance is to host and management stakeholders value and protect the interest of other stakeholders .
Information security governance – information security governance can be defined as a process of establishing and maintaining a framework and supporting management structure and processes to provide assurance that information security Strategies and aligned with the support businesses objectives are consistent with applicable laws and regulations through adherence to policies and internal control and provide assignment of responsibility all in an effort to manage risk . Information security governance insures that an organisation has correct information structures , leadership and guidance. Outcomes of information security governance – Resource Management by utilising information security knowledge and infrastructure efficiently and effectively.
Strategic alignment of information security with business strategy to support organisational objectives . Risk Management by educating appropriate measures to manage and mitigate risk and reduce potential impacts on information resources to an acceptable level. Performance measurement by measuring monitoring and reporting information security governance metrics to ensure that organisational objectives are achieved .
.