To implement an information security strategy and framework for your organization, to manage risk, and the functions of compliance, risk management, infrastructure security, security operations, and other security program functions, you need to capture responsibility, accountability, security control delivery, processes, and measurement in policy and governance. Security programs need well run governance to ensure transparency and inclusion into policy, processes, and standards, and in defining end states. It’s imperative that your governance includes IT and business lines in program decisions, risk decisions, and in prioritizing goals and objectives. It is also critical to capture decisions made, to review the protection of business critical systems and applications, budget forecasting and to table top cyber exercises. Cyber Oak Solutions has the experience you need creating governance functions and developing clear and measurable policy.