The Information Technology which Involved by IT Governance has revolutionized the Government which provides the security consistency, processes, standards, and repeatability needed for effective IT operations at the lowest possible cost within compliance requirements. IT Governance must be part of Enterprise Governance, a discipline that addresses all stakeholder needs, conditions and options to ensure they are evaluated for determining balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritization and decision making and monitoring performance and compliance against agreed on direction and objectives. So the IT Governance support the Security of the government through operations in their compliance.
While IT Risk Management serves to focus IT Governance and security and privacy thinvestments by providing the Needs of IT governance in w/c they could build their mission with the help of IT risk management to accomplish the main success.
Information Security this program is managed by the Department/Agency Chief Information Security Officer (CISO) according to Federal Laws and Directives such as Federal Information Security Modernization Act (FISMA), OMB directives and memorandums, the NIST standards and special publications. Information security encompasses efforts to protect data and information systems from inappropriate access, manipulation, modification, and destruction.
Privacy – within a secure enterprise, privacy controls allow only properly designated personnel to access information governed under privacy laws, and encompass efforts to protect an individual’s ability to determine how their personal information is collected, used, stored, and disclosed. Information security and IT Governance directly impact the success of a privacy program. Privacy cannot exist without information security. Privacy must be considered in all information security programs.
Posted By: Delicana, Maria Fe BSIT-III