Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is an ISMS governing body?

An ISMS governing body is an organizational governance team with management oversight, composed of key members of top management—typically defined as senior leadership and executive management responsible for strategic decisions and resource allocation—from within the organization.


The ISMS governing body provides appropriate management oversight for the organization’s Information Security Management System (ISMS) to ensure: 

  • Information security objectives are in alignment with the business strategy to help meet the organization’s strategic objectives.
  • A risk management program identifies and mitigates the risks to an organization’s resources and assets and produces the intended results.
  • Policies and procedures supporting the organization’s ISMS are reviewed, approved, and remain current.
  • Appropriate allocation and use of resources to meet intended objectives. 
  • According to established policies and procedures, an internal audit program is defined and carried out, including sufficient independence to maintain a separation of duties and avoid conflicts of interest.
  • Metrics such as Key Performance Indicators (KPIs) are defined, useful, and reported to ensure the achievement of intended outcomes and the effectiveness of the ISMS.
  • Necessary adjustments improve the ISMS.

{{cta_withimage2="/cta-modules"}}

Additional resources you might like:

SOC 2
Vanta events | Vanta
Live Demo: Automating Compliance for SOC 2, ISO 27001, and More

Discover how automation can transform your compliance efforts into a streamlined, efficient process. Join the live demo to see it in action and get your compliance questions answered.

Compliance
Vanta events | Vanta
Demystifying the EU AI Act

Discover how Vanta can streamline your journey through this new regulatory landscape, ensuring your AI operations are secure and future-ready.

Compliance
Blog
The founders guide to accelerating growth with compliance in ANZ

Proactively investing in security compliance can help ANZ startups unlock bigger deals and build trust with customers long before compliance becomes mandatory.

Additional resources you might like:

SOC 2
Vanta events | Vanta
Live Demo: Automating Compliance for SOC 2, ISO 27001, and More

Discover how automation can transform your compliance efforts into a streamlined, efficient process. Join the live demo to see it in action and get your compliance questions answered.

Compliance
Vanta events | Vanta
Demystifying the EU AI Act

Discover how Vanta can streamline your journey through this new regulatory landscape, ensuring your AI operations are secure and future-ready.

Compliance
Blog
The founders guide to accelerating growth with compliance in ANZ

Proactively investing in security compliance can help ANZ startups unlock bigger deals and build trust with customers long before compliance becomes mandatory.

Compliance
Vanta events | Vanta
Live Demo: Automating Compliance for ISO 27001, GDPR and more with Vanta

Unlock the power of automated compliance and streamlined security workflows—join our live demo to see how Vanta can save you time, money, and help build trust with your customers.

Compliance
Vanta events | Vanta
Live Demo: Automating Compliance for SOC 2, ISO 27001, HIPAA, and More

Discover how Vanta’s automation tools can simplify compliance for SOC 2, ISO 27001, HIPAA, and more, helping you build a stronger security foundation with ease.

Compliance
Vanta events | Vanta
Live Demo: Simplify ISO 27001 and SOC 2 Compliance to Fuel Growth

See how Vanta can simplify and automate your compliance efforts, helping you scale your business while building trust with customers!

Product updates
Vanta events | Vanta
Trust is a Team Sport

Jeremy Epling (CPO at Vanta) introduces new product capabilities designed with teamwork in mind. Watch to see how Vanta can help you collaborate easily with your extended team of employees, vendors, auditors, and customers—and win together.

Compliance
Vanta events | Vanta
Live Demo: Automate compliance to fuel your startup's growth

Discover how automating compliance can streamline processes, save time, and fuel your startup’s growth.

ISO 42001
Vanta events | Vanta
Compliance for AI in Europe: Preparing for Emerging AI Laws and Regulation

Explore how ISO 42001 and the EU AI Act help your company stay compliant, secure, and ahead of evolving AI regulations with expert insights and practical strategies.