Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is an ISMS governing body?

An ISMS governing body is an organizational governance team with management oversight, composed of key members of top management—typically defined as senior leadership and executive management responsible for strategic decisions and resource allocation—from within the organization.


The ISMS governing body provides appropriate management oversight for the organization’s Information Security Management System (ISMS) to ensure: 

  • Information security objectives are in alignment with the business strategy to help meet the organization’s strategic objectives.
  • A risk management program identifies and mitigates the risks to an organization’s resources and assets and produces the intended results.
  • Policies and procedures supporting the organization’s ISMS are reviewed, approved, and remain current.
  • Appropriate allocation and use of resources to meet intended objectives. 
  • According to established policies and procedures, an internal audit program is defined and carried out, including sufficient independence to maintain a separation of duties and avoid conflicts of interest.
  • Metrics such as Key Performance Indicators (KPIs) are defined, useful, and reported to ensure the achievement of intended outcomes and the effectiveness of the ISMS.
  • Necessary adjustments improve the ISMS.

{{cta_withimage2="/cta-modules"}}

Additional resources you might like:

ISO 42001
Blog
4 lessons learned during our ISO 42001 audit

Key takeaways from our ISO 42001 audit—and tips to help other companies navigate the process with ease.

Security
Events
Scaling Security in the Age of AI: Lessons from Vanta, Wiz, & Modo Labs

Join Vanta + Wiz + Modo Labs for a fireside chat where they’ll explore key questions about AI’s impact on scaling security programs–what to watch out for, how to adapt, where to adopt AI, and what to focus on next.

Compliance
Events
Product Demo: Simplify ISO 27001 and SOC 2 compliance with Vanta

See how Vanta simplifies security and streamlines compliance across 35+ frameworks—live on May 6.

Additional resources you might like:

ISO 42001
Blog
4 lessons learned during our ISO 42001 audit

Key takeaways from our ISO 42001 audit—and tips to help other companies navigate the process with ease.

Security
Events
Scaling Security in the Age of AI: Lessons from Vanta, Wiz, & Modo Labs

Join Vanta + Wiz + Modo Labs for a fireside chat where they’ll explore key questions about AI’s impact on scaling security programs–what to watch out for, how to adapt, where to adopt AI, and what to focus on next.

Compliance
Events
Product Demo: Simplify ISO 27001 and SOC 2 compliance with Vanta

See how Vanta simplifies security and streamlines compliance across 35+ frameworks—live on May 6.

Security
Events
From Insights to Action: Measuring and Advancing Security Maturity

Discover how Vanta’s customizable reporting and dashboarding can help you assess and improve security maturity with real-time insights, better risk visibility, and data-driven decision-making.

Company news
Events
Zero to success: What we got wrong before we got it right

Join experienced founders as they share key lessons on overcoming early startup challenges and driving growth.

SOC 2
Events
Live Demo: Automating Compliance for SOC 2, ISO 27001, and More

Discover how automation can transform your compliance efforts into a streamlined, efficient process. Join the live demo to see it in action and get your compliance questions answered.

Compliance
Events
Demystifying the EU AI Act

Discover how Vanta can streamline your journey through this new regulatory landscape, ensuring your AI operations are secure and future-ready.

Compliance
Blog
The founders guide to accelerating growth with compliance in ANZ

Proactively investing in security compliance can help ANZ startups unlock bigger deals and build trust with customers long before compliance becomes mandatory.

Compliance
Events
Live Demo: Automating Compliance for ISO 27001, GDPR and more with Vanta

Unlock the power of automated compliance and streamlined security workflows—join our live demo to see how Vanta can save you time, money, and help build trust with your customers.