This book provides an understanding of governance and its relevance to information security. It gives readers a clear, step-by-step approach to developing a sound security strategy aligned with their business objectives in order to ensure a predictable level of functionality and assurance. Next, it explores various approaches to implementing the strategy, guiding the reader toward practical, workable solutions. A broad range of business managers, IT security managers, and information security managers will value the guidance, action plans, and sample policies provided in this comprehensive book.