Governance describes the overall management approach through which senior executives direct and control the entire organization, using a combination of management information and hierarchical management control structures.
A Framework is a tool to enable organizations to establish a roadmap for reducing technology security risk that is well aligned with organization and sector goals, considers legal/regulatory requirements and industry best practices, and reflects risk management priorities. In addition to existing frameworks ISO 27000, NIST, ITIL (process framework), and PCI, NIST released the first version of the Framework for Improving Critical Infrastructure Cybersecurity on February 12, 2014. The Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure.
- Implementing framework and it includes: Project Management and Implementation.
- Performing gap assessment, remediation, pre audit, and post audit.
- Certifying ISO compliant (as per Client request) with the help of certifying partners.
- Alignment within frameworks and control rationalization.