Security opportunities for cross organizational collaboration and communication

Security Governance
Committee

Enterprise security governance is a company’s strategy for
reducing the risk of unauthorized access to information technology systems and
data. Enterprise security governance activities should be consistent with the
organization’s compliance requirements, culture and management policies. This committee is responsible for setting
security policies, evaluation new threats, and reducing risk of intrusion, loss
of data integrity and compliance/regulatory violations.

Your time is important. Let us write you an essay from scratch
100% plagiarism free
Sources and citations are provided


Get essay help

 

Sample Objectives of the Security Governance Committee:

 

·        
Recommend IT Security Policies: The Cybersecurity
Governance committee should leverage the collective expertise and authority of
its participants to enable it to make recommendations to the Chancellor’s Board
and executive leadership regarding IT policies, initiatives and services at all
levels throughout the organization. Recommendations from the governance
committee will have major impact to the NYCDOE organization since all major
stakeholders will be represented.  Long
term goal is budgetary authority …

 

·        
Strategic Directions: The Cybersecurity Governance
committee should ensure that the strategic direction of IT aligns with the
overall strategy and business needs of the NYCDOE. This will include setting
priorities, recommending changes in funding levels or sources, and establishing
high-level requirements as typically dictated in the NYCDOE 5 year IT strategic
plan.

 

·        
Resource Allocation: The Cybersecurity Governance
committee should have a structured methodology to make recommendations on how
to concentrate and deploy resources in support of initiatives that extend
beyond functional or organizational boundaries. 1

 

·        
Collaboration: The Cybersecurity Governance committee
should provide increased opportunities for cross organizational collaboration
and communication in regards to specific IT initiatives as they affect the
academic and business functions across the enterprise.

 

·        
Standards and Policy: The Cybersecurity Governance
committee should provide guidance and have the authority to propose, institute
and promote IT standards and policies that support greater efficiency and
effectiveness to ensure the security of high risk data across NYCDOE.

 

·        
Transparency: The Cybersecurity Governance committee
should ensure that IT constituents are aware of what services are available
from which organizations and how to access those services. This should include
services at the school level, as well as Central. Ideally develop a shared
service model that contains the elements of price transparency, service
culture, good business process, standardization, continuous improvement and
responsiveness.

·

·        
Establishing Performance Measures: The Governance
Committee should establish baseline metrics continuous risk reduction is
demonstrated over time. 

1 http://www.uic.edu/depts/oaa/taskforces/UIC-ITTF-Final%20Report1.pdf