Information Security Governance
IT security governance is the system by which an organization directs and controls IT security (adapted from ISO 38500). … Governance specifies the accountability framework and provides oversight to ensure that risks are adequately mitigated, while management ensures that controls are implemented to mitigate risks.