Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is an ISMS governing body?

An ISMS governing body is an organizational governance team with management oversight, composed of key members of top management—typically defined as senior leadership and executive management responsible for strategic decisions and resource allocation—from within the organization.


The ISMS governing body provides appropriate management oversight for the organization’s Information Security Management System (ISMS) to ensure: 

  • Information security objectives are in alignment with the business strategy to help meet the organization’s strategic objectives.
  • A risk management program identifies and mitigates the risks to an organization’s resources and assets and produces the intended results.
  • Policies and procedures supporting the organization’s ISMS are reviewed, approved, and remain current.
  • Appropriate allocation and use of resources to meet intended objectives. 
  • According to established policies and procedures, an internal audit program is defined and carried out, including sufficient independence to maintain a separation of duties and avoid conflicts of interest.
  • Metrics such as Key Performance Indicators (KPIs) are defined, useful, and reported to ensure the achievement of intended outcomes and the effectiveness of the ISMS.
  • Necessary adjustments improve the ISMS.

Additional resources you might like:

Compliance
Event
Ask Me (Almost) Anything: AI & Compliance

What does AI mean for your company’s security compliance program? Join our session on 28 March 9 am AEDT where Matt Cooper, Privacy, Risk and Compliance Manager at Vanta, and Noam Rubin, Sr. Software Engineer at Vanta, will answer (almost) all your questions about AI and compliance.

Compliance
Event
Automating SOC 2 compliance & more

Join Vanta’s 45-minute live product demo on March 12 at 11 am PST where Devin and Natalie will walk you through the Vanta platform and show you how we automate 90% of the work for security and privacy frameworks, and help you move towards a state of continuous compliance.

Compliance
Event
ISO 27001 & SOC 2 Compliance Automation

Join Vanta’s 45-minute live product demo on 13 March at 11 am GMT. Two of our team members will walk you through the platform and answer questions throughout the session.

Get compliant and
build trust, fast.

Two wind turbines on a white background.
Get compliant and build trust,
fast.
Get started