Summary
In this chapter, you learned about the various aspects of security strategy, governance frameworks, and information security programs. You also explored in detail the benefits of increasing the effectiveness of security training. This helps the CISM aspirant understand the organization's security program and architecture.
In the next chapter, you will go through the important aspects of information risk assessment.