管理層要走iso 27001 5 責任 權限
支援 資源 能力 認知 溝通 傳達
Securitygovernance is a framework that allows for the security goals of an organization to be set andexpressed by senior management, communicated throughout the different levels of theorganization. It grants power to the entities needed to implement and enforce security, andprovides a way to verify the performance of these necessary security activities. Not only doessenior management need to set the direction of security; it also needs a way to be able to viewand understand how their directives are being met or not being met.