How will it position and align information security factors with the business?
What will the resources be that will support the framework?
VI: Compliance Considerations: In this section, you will explain what the governance of your plan must consider in regard to security compliance from choosing to adopt your recommendations.
As part of this section:
Compliance
Identify and describe the benefits of be compliant with applicable laws and regulations through adherence to policies and internal controls, and provide assignment of responsibility.
Briefly identify and describe the areas of compliance that impact your organization and those internal safeguards that should be put in place in your business to ensure against loss or misuse of company data. Provide examples.
Third-Party Vendors and Partnerships
Briefly explain the partnerships that should be considered in regard to security governance and compliance, and the manner to which each will interact with your organization.
Consider too how examples such as law enforcement, external legal counsel, crisis and reputation management, strategic business partners will be participating in governance activities.