Security governance must be enforced at all levels of an organization
Subject: Computer Science
Security governance must be enforced at all levels of an organization. But many still do not understand quite what security governance is, what its main objective is, and how it should be integrated within existing structures in an organization.
For the term "Governance", briefly state:
(a) what governance is from a security perspective,
(b) its main objective, and
(c) how it should be integrated into an organization.
Provide links to the sites.
It is quite common in today's IT organizations that, in spite of the mandatory practice that security governance must be enforced at all levels of an organization, many still do not understand quite what security governance is, what its main objective is, and how it should be integrated within existing structures in an organization.
Here is a glance at the definitions and aims of security governance and the ways it could be integrated:
(a) Governance from a security perspective could be defined as: the set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that all the existing and future risks are managed appropriately, and verifying that the enterprise's resources are used responsibly.
(b) Security governance aims at providing directives to the senior management with an agenda to implement a security program that ensures sufficient security to protect the important information of an organization.
(c) There are four phases where we could integrate IT and corporate governance into an organization:
Phase 1—The Executive Board Gets Involved.
Phase 2—Ensure Value Creation.
Phase 3—Stakeholder Management.
Phase 4—IT Management Support.