Information security is a complex issue and deals with the confidentiality, integrity and availability of data. IT governance is even more complex and in information security terms one has to think in terms of the whole enterprise, the entire organisation, which includes all the possible combinations of physical and cyber assets, all the possible combinations of intranets, extranets and internets and which might consist of an extended network of business partners, vendors, customers and others. Information security is a crucial component of IT governance. As information technology and information itself become more and more the strategic enablers of organisational activity, so the effective management of both IT and information assets becomes a critical strategic concern for boards of directors.
ISO27001:2017 Readiness / Compliance program