SECURITY GOVERNANCE 1

Security Governance

Students name

Institution affiliation

Date
 SECURITY GOVERNANCE 2

Security Governance

Introduction

           Security governance is an essential area of concern in the modern-day world whereby it is

a means much used in securing the information of a particular company or organization. Its main

aim in a company is to maintain the security measures in line with the success of the company. It

is important to note that different IT measures can be employed to reach the goal of making sure

that information security measures are enacted. Putting the governance into the bigger picture, it

has more significant roles in line with its goals whereby most of the decisions about a company

revolve around the area. Besides, risk-based decisions are made out of the information systems

of the company since the better the information governance systems in a company, the better the

decisions made since the staff members have no fear of their unique information and plan to leak

to other companies that may be their competitors. Security governance plays a significant role in

attaining of success of the company involved since security measures are employed at all times.

What is information security governance?

           Information security governance is the measures that are taken by any organization in line

with the goals, visions and missions a company wants to achieve. They include; processes that

are established by the company such as the implementation of ideas suggested, strategic

management of different tasks and duties in line with the success of the company. Apart from the

processes used, their other measure taken for information security is tools used. This comes in

with the company employing the right type of tools to protect information concerning the

company. 

           Some of the tools that can be used are quality software's which need access to be used.

This is one of the security measures in the sense that no one tampers with the company's private
 SECURITY GOVERNANCE 3

information. Perimeter walls and gates are an essential physical tool in taking care of the

company's governance whereby intruders are kept at bay by the sign of the physical features. The

other physical tool that can be employed is the CCTV cameras which have precise surveillance

of any unauthorized personnel in a company. They enhance the security of the company whereby

intruders of any kind are monitored to not come near the company. Besides, in case of any crisis

whereby there is a loss of information in the systems, the CCTV cameras are of great aid since

they help in showing the concerned parties that have done the act without strain.

           The measure of performance is vital when information security governance is involved

whereby the firewall is a crucial measure that can be used to attain the governance. It is a system

that ensures that unauthorized persons don't get access to private data in a company. Its primary

role is to filter information that enters and leaves the systems of a company. It is a measure that

is highly recommended since there is the assurance of keeping all the information in place with

no fear of leakage to third parties.

What are some of the typical organizational roles involved in Security Governance?

           The need for an organization to comply with the measures they have put into place in line

with security governance of the company is a role. (Koohang, 2020) It includes the staff within

the company who propel the role by having unity within the company. This is enhanced by

professionalism amongst all the staff members who work knowing what information they need to

reveal and the one that is to keep for the goal of the security measures in place. When the staff

members have a role in the mind of preserving delicate information in the company, that is the

most crucial step to attaining security governance. 

           Putting the right policies in mind is a significant role that every company must include in

their vision and mission as they want to attain success. It is important to note that when strict
 SECURITY GOVERNANCE 4

policies are put into place, most of the staff members can have work ethics such as discipline

hence, cannot reveal information to third parties (Cadena,2020). Besides, the right policies give a

guideline to most of the staff members since rules and regulations are put into place concerning

the governance of the company's information. Some of the policies to guard the information of

the company may include sacking whereby when a staff member is found leaking the company's

information undergoes through the punishment of losing their jobs. This is a condition most of

the people would not want to find themselves in since they largely depend on the salaries, they

get for their day to day life.

What documentation is associated with security governance

                      There are different documentations of different authors that comply with security

governance at large. They include ethics of care which is a book that documents different views

and ethical guidelines in line with information security governance. The author, (Robinson,

2011), has a unique way of passing across the documentation whereby she puts the female

gender in the limelight of security governance just as the title suggests "A Feminist Approach to

Human Security". She arguably says in the documentation of her book that security is best done

and is successful if an ingredient by the name care is in place. She primarily focuses on the

effects lack of information security can have in any company or organization.

           The other documentation of interest is the government's documents that may be done

through the use of periodicals. The documentations concerning information governance is

regulated and communicated by the government companies that have the authority. This helps to

create awareness to most company personnel; hence they can come up with the right measures to

employ to protect the company's reputation through securing its most delicate information. When

most people in companies have the information at hand, they get to understand more about how
 SECURITY GOVERNANCE 5

to run away from devices that cannot serve the privacy of their information. This, therefore,

makes most of the budget and set aside revenues for enhanced, quality software products that

play the role of protecting their information.

What are some of the policies use within the Information Security Governance process?

Policies are the guidelines that bring out acceptable and unacceptable behaviors by the

employees in the workplace (Diesch,2020). Deployment of biometrics such as fingerprints, face

recognition in all areas in the company whereby they uniquely identify an employee without

strain. Besides, the other policy is the use of access control protocols such as scans which are

used to access printers, computers and scanners in different departments within the organization.

The third policy is ensuring that data is encrypted while being shared with external users. This

helps in protecting the information; hence it is not accessible by unauthorized people.

Additionally, a policy used in most companies is setting a specific criterion of coming up with

passwords which are security measures that protect most of the data in a particular company.

What are some of the measures, metrics, and methods to ensure governance compliance?

           Governance compliance is techniques and ways to keep the policies of a company in place

whereby corruption is not accepted. (Slayton, 2020) There are different measures ad methods

used in line with governance compliance; some of them include, signing of documents on

agreements that guide both the makers of the policies concerning the information being g

governed. Punishments are a method that can ensure governance compliance since most of the

employees know that they can be punished through maybe suspension from work or being

sacked. This helps them have a lot of vigilance as they relate with different people not to reveal

the information. The other measure used is educating the employees on the risks of revealing the
 SECURITY GOVERNANCE 6

company's information to third parties. This helps the employees to be very cautious with the

information they have about the company and how to handle it.

Conclusion

           In conclusion, when the systems of a particular entity are protected using different

security measures, they can accomplish most of their goals. This is because they have a peace-

maintained environment whereby there is no crisis involved caused by information leaked.

Besides, most of the activities within the organizations are promoted since they have the work

ethics concerning information governance that helps them maintain the information they know

about the organization. Staff members in any organization are encouraged to observe information

governance ethics to promote a conducive environment for work.

 SECURITY GOVERNANCE 7

References

Cadena, A., Gualoto, F., Fuertes, W., Tello-Oquendo, L., Andrade, R., Tapia, F., & Torres, J.

(2020). Metrics and Indicators of Information Security Incident Management: A

Systematic Mapping Study. In Developments and Advances in Defense and Security (pp.

507-519). Springer, Singapore.

Diesch, R., Pfaff, M., & Krcmar, H. (2020). A comprehensive model of information security

factors for decision-makers. Computers & Security, 92, 101747.

Koohang, A., Nowak, A., Paliszkiewicz, J., & Nord, J. H. (2020). Information Security Policy

Compliance: Leadership, Trust, Role Values, and Awareness. Journal of Computer

Information Systems, 60(1), 1-8.

Robinson, F. (2011). The ethics of care: A feminist approach to human security.

Slayton, R. (2020). Governing Uncertainty or Uncertain Governance? Information Security and

the Challenge of Cutting Ties. Science, Technology, & Human Values,

0162243919901159.