Skip to content

Your glossary for risk and compliance

Helpful definitions of all of the terms you need to know to better manage risk and compliance.

Cyber security

What is an ISMS Governing Body?

An ISMS governing body is an organizational governance team with management oversight, composed of key members of top management—typically defined as senior leadership and executive management responsible for strategic decisions and resource allocation—from within the organization.

The ISMS governing body provides appropriate management oversight for the organization’s Information Security Management System (ISMS) to ensure:

  • Information security objectives are in alignment with the business strategy to help meet the organization’s strategic objectives.
  • A risk management program identifies and mitigates the risks to an organization’s resources and assets and produces the intended results.
  • Policies and procedures supporting the organization’s ISMS are reviewed, approved, and remain current.
  • Appropriate allocation and use of resources to meet intended objectives.
  • According to established policies and procedures, an internal audit program is defined and carried out, including sufficient independence to maintain a separation of duties and avoid conflicts of interest.
  • Metrics such as Key Performance Indicators (KPIs) are defined, useful, and reported to ensure the achievement of intended outcomes and the effectiveness of the ISMS.
    Necessary adjustments improve the ISMS.

Back to glossary search

Why businesses and advisors choose 6clicks

It's faster, easier and more cost effective than any alternative.

6clicks Circle Logo

Powered by artificial
intelligence

Experience the magic of Hailey, our artificial intelligence engine for risk and compliance.

6clicks Circle Logo

Unique Hub & Spoke architecture

Deploy multiple teams all connected to a hub - perfect for federated, multi-team structures.

6clicks Circle Logo

Fully integrated
content library

Access 100's of standards, control sets, assessment templates, libraries and playbooks.

Are you ready to experience AI-powered GRC?