01. Governance vs Management

Question 1

Governance vs Management

Governance

Answer 1

C-Level Executives

Stakeholder needs, conditions and options
* Enterprise objectives
* Setting direction
* Monitoring performance and compliance
* Risk appetite

BUSINESS NEEDS

Question 2

Governance vs Management

Management

Answer 2

1. Plans
2. Builds
3. Monitorings activities

• Aligns to the direction the governance body has set
• How do we get to the destination set by C-Level Executives
• Risk tolerance - practically working wiht risk appetite in work environment

BUSINESS NEEDS

Question 3

Governance vs Management

Risk Appetite

Answer 3

1. Aggressive
2. Neutral
3. Adverse

• Risk appetite set by C-Level
• Whichever strategy chosen has unique opportunities and unique threats
• i.e. High risk, high rewards

BUSINESS NEEDS

Question 4

Governance vs Management

Bottom Up Organisation

Answer 4

IT Security = Nuisance

• not seen as a helper
• Does not have senior managment approval or buy in which trickles down to the organisation

Question 5

Governance vs Management

Top-Down Organisation

Answer 5

IT Leadership represented at board level

• they lead and support the direction that they have
• Exam is seen from this perspective

Question 6

Governance vs Management

CEO

Answer 6

Chief Executive Officer

• Leader of the organisation

C-LEVEL

Question 7

Governance vs Management

CIO

Answer 7

Chief Information Officer

• CIO or CTO usually sit above CISO or IT Security Manager

C-LEVEL

Question 8

Governance vs Management

CTO

Answer 8

Chief Technology Officer

• CIO or CTO usually sit above CISO or IT Security Manager

C-LEVEL

Question 9

Governance vs Management

CSO

Answer 9

Chief Security Officer

C-LEVEL

Question 10

Governance vs Management

CISO

Answer 10

Chief Information Security Officer

C-LEVEL

Question 11

Governance vs Management

CFO

Answer 11

Cheif Financial Officer

C-LEVEL