Summary
In this chapter, you learned about the importance of assurance functions, that is, governance, risk, and compliance, and how their integration is key to effective and efficient information security management. You also learned how organizations can use the maturity model to improve their processes and explored the importance of the commitment of senior management toward the security of an organization. The next chapter will cover the practical aspects of information security strategy.