Governance, Risk, Compliance

Governance, Risk, Compliance

Compliance

Too often the focus of security is on protecting the IT systems that process and store the vast majority of information, rather than on the information itself. However, given the various threats facing businesses and organisations, this approach is too narrow to accomplish the level of integration, process assurance and overall protection that is required.

My focus is on the strategic alignment of information security with business strategy to support organisational governance objectives, the use of risk management by executing appropriate measures to manage and mitigate risks and reduce potential impacts on information resources to an acceptable level and optimising information security investments in support of organisational objectives.