| IT |
Responsible for information security governance within the enterprise (A security forum can be part of an existing management body. Because information security is a business responsibility shared by all members of the executive management team, the forum needs to involve executives from all significant parts of the enterprise. Typically, a security forum has the following tasks and responsibilities: Defining a security strategy in line with the business strategy Identifying security requirements Establishing a security policy Drawing up an overall security program or plan Approving major initiatives to enhance information Reviewing and monitoring information security incidents Monitoring significant changes in the exposure of information assets to major threats) |
