The IT Law Wiki

Decentralized governance

32,080pages on
this wiki
Add New Page
Add New Page Talk0

Cybersecurity Edit

In a decentralized governance structure, the authority, responsibility, and decision making power are vested in and delegated to individual subordinate organizations within the parent organization (e.g., business units). Subordinate organizations establish their own policies, standards, guidelines, procedures, and processes for ensuring the development and implementation of risk management and cybersecurity strategies, decisions, and mechanisms to communicate across the organization. A decentralized approach to cybersecurity governance accommodates subordinate organizations with divergent mission and business needs and operating environments.

The effectiveness of this approach is greatly increased by the sharing of risk-related information among subordinate organizations, so that no subordinate organization is able to transfer risk to another without the latter's informed consent. It is also important to share risk-related information with parent organizations, as the risk decisions by subordinate organizations may have an effect on the organization as a whole.

Source Edit

Also on Fandom

Random Wiki