Governance

Governance is the fourth core component of Middlebury's information security program. Management and oversight of Middlebury's information security posture requires developing, maintaining, auditing, and enforcing the information security program. This includes the creation of policies and procedures, continual assessment and mitigation of risks and threats, managing the response to events and incidents, and providing strategic information security guidance for Middlebury's initiatives.

Resources offered in this component include Regulation and Policy guidance. This includes information on PCI DSS and Data Classification. This area also component of the information security program also includes work in Risk Management.

Governance

Governance is the fourth core component of Middlebury's information security program. Management and oversight of Middlebury's information security posture requires developing, maintaining, auditing, and enforcing the information security program. This includes the creation of policies and procedures, continual assessment and mitigation of risks and threats, managing the response to events and incidents, and providing strategic information security guidance for Middlebury's initiatives.

The following resources represent some of the governance efforts that Middlebury's Information Security workgroup participates in.