Written by an industry expert, Information Security Governance is a book-length treatment of this first important topics, providing readers with step-by-step approach to develop and manage an effective information security program. Beginning with an overview of government, this book covers: The business case for information security Defining roles and responsibilities Develop strategic metrics Determining the information security Define security objectives of government Establish risk management goals Develop a security strategy that cost-effective A sample strategy development The steps to implement effective strategies Assurance program Developing meaningful metrics development Designing metrics relevant information security management Defining metrics for incident management and response Equipped with an action plan and a sample policy that shows the reader how to incorporate these ideas into practice, Information Security Governance is required reading for every professional involved in information security and assurance.