Establish Effective Security Governance & Management

The key is in stakeholder interactions, not policy and process.

Book This Workshop

A lack of security governance and management usually leads to a state of near lawlessness that:

  • Increases risk unnecessarily.
  • Causes stakeholder groups to work in cross purposes due to a lack of formal accountability.
  • Blurs the line between governance and management leading to ad-hoc decision making that undermines organizational standards.

Model your security governance and management around stakeholder interactions to:

  • Avoid inefficiency and redundancy in business processes.
  • Ensure accountabilities are assigned to a single stakeholder group.
  • Assign management responsibilities to only those that need to execute them.
  • Determine key stakeholder interactions and their necessary inputs and outputs.

Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

Book Now

Module 1: Evaluate

The Purpose

  • Evaluate governance and management priorities.

Key Benefits Achieved

  • Prioritize governance accountabilities.
  • Prioritize management responsibilities.

Activities: Outputs:
1.1 Prioritize governance accountabilities.
1.2 Prioritize management responsibilities.
  • Prioritized list of accountabilities and responsibilities
1.3 Evaluate organizational structure.
  • Revised organizational structure

Module 2: Direct

The Purpose

  • Assign accountabilities and responsibilities and build a governance and management model.

Key Benefits Achieved

  • Visual governance model showing stakeholder accountabilities, responsibilities, and interactions.

Activities: Outputs:
2.1 Align with the business.
2.2 Build security governance and management model.
2.3 Visualize security governance and management model.
  • Security governance and management model

Module 3: Monitor

The Purpose

  • Develop KPIs to measure governance and management effectiveness.

Key Benefits Achieved

  • Key performance indicators to measure progress towards your governance and management goals.

Activities: Outputs:
3.1 Develop governance and management KPIs.
  • Security Metrics Determination and Tracking Tool
  • KPI Development Worksheet

Module 4: Implement Essential Governance Processes

The Purpose

  • Design and implement essential processes to support governance and management.

Key Benefits Achieved

  • Establish a steering committee and set risk appetite, policy lifecycle and exceptions handling process.

Activities: Outputs:
4.1 Draft steering committee charter.
4.2 Complete steering committee RACI chart.
  • Steering committee charter and RACI chart
4.3 Draft qualitative risk statements.
  • Risk-appetite statements
4.4 Define policy management lifecycle.
  • Policy management lifecycle
4.5 Establish exception approval process.
  • Policy exception approval process
Visit our Exponential IT Research Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019