Information Security Governance Simplified: From the Boardroom to the Keyboard

Posted on by Ben Rothke

Juggling two balls is something that most people can do, but juggling six balls takes dexterity and practice. Juggling the complexities of current IT environments requires a significant amount of skill. Besides considerations of technical, business, and financial elements, there also are regulatory requirements for oversight and governance.


In Information Security Governance Simplified: From the Boardroom to the Keyboard, author Todd Fitzgerald provides an excellent overview on how security managers can create an effective information security program without breaking the bank. He shows the reader how to create a governance program that includes all of the necessary managerial, technical, and operational controls. Creating such a program is not a trivial endeavor, and Fitzgerald offers numerous tips and real-world examples.

The book has 30 pages of operation controls detailing all of the points needed to create a governance program. Controls are mapped according to various regulatory requirements. Anyone looking for a comprehensive guide on creating an information security governance program written in a readable manner will find this book to be a great resource.


978-1439811634 Rothke Todd Fitzgerald

Ben Rothke

Senior Information Security Manager, Tapad

risk management
