• Categories: Information SecurityBy 3.4 min read

    The governance pyramid is built bottom-up with policy, standards, process, procedures, and guidelines. To be effective, the structure needs to be organized, consistent, and aligned with to policy and business need.

    Read article
  • Categories: Information SecurityBy 2.6 min read

    Security as a Process (SAAP) and the classification of information is fundamental to information security. This article, the second in a three-part series, looks at the "how" of information security and why it is so important.

    Read article
  • Categories: Information SecurityBy 2.7 min read

    Information security is a multifaceted field, covered with tempting baubles and sharp thorns. However, the unifying framework upon which the whole field is suspended is governance. This article, the first in a three-part series, looks at standards and policy—from why policies are needed and what needs to be done to support them.

    Read article