Cybersecurity governance, risk and compliance

Defining and operating a framework for making decisions, managing stakeholder relationships, and identifying legitimate authority.

Planning and implementing organisation-wide processes and procedures for the management of risk to the success or integrity of the enterprise.

Delivering independent, risk-based assessments of the effectiveness of processes, the controls, and the compliance environment of an organisation.

Implementing and operating a framework of controls and management strategies to promote compliance with personal data legislation.

Planning, implementing and controlling the full life cycle management of digitally organised information and records.

Protecting against and managing risks related to the use, storage and transmission of data and information systems.

Defining and operating a management framework of processes and working practices to deliver the organisation's quality objectives.

Developing and operating a measurement capability to support agreed organisational information needs.