Setting the Record Straight about Governance, Security & Compliance

Apr 9, 2019

The True Meaning Of Governance, Security & Compliance

Governance. Security. Compliance. What comes to your mind when you hear each of those three words? Lately, I have noticed a lot of people using these terms interchangeably. I don’t know if they actually believe that they mean the same thing, or if the terms simply blend together because they are so often interconnected as IT aims to mitigate risks and protect its organization.

Although they often go hand-in-hand, let’s break these concepts down.

The definition of governance is the “establishment of policies and continuous monitoring of their proper implementation, by the members of the governing body of an organization.” When you think about governance, you should think of self-imposed policies. These policies are usually managed and audited by an impartial group or leaders from within an organization. Strong governance is essential to maintaining accountability and communicating expectations (whatever they might be) to the entire organization.

Security is “the state of being protected or safe from harm.” In the business world, this means that an organization is free from danger or threat, or is taking action to prevent it. Security is one of the most straightforward of the three, and very few people will disagree that having some type of security strategy in place is a must – no matter how small you are or if you don’t think you have anything of value to protect. The fact is that every organization with data or workers must be secured.

Compliance, a constant challenge, is defined as “the action or fact of complying with a wish or command.” We are not talking about self-imposed requirements (as in the case of governance) – instead, this is a set of rules or requests coming from outside the organization. Another important thing to note is that compliance often needs to be validated or proven to the third party who set forth the rules or requests. If compliance is not taken seriously, you can end up with a ruined reputation and find yourself facing hefty fines or maybe even criminal charges.