The Difference Between Governance and Compliance

Digital Sources LLC’s Executive Director Pape Cisse emphasizes the importance of governance and compliance in navigating data security and privacy, and previews his upcoming keynote presentation at the “The CIO’s Guide for Enhancing GRC in 2024” live webinar, launching Thursday, June 20.

Brandon Taylor, Digital Editorial Program Manager

June 18, 2024

Though governance and compliance are terms that tend to be used interchangeably, there are important differences between them. Governance serves as the overall framework for decision-making by setting the policies and standards for privacy and risk management, while compliance is the act of adhering to the established regulations of an industry.

According to Pape Cisse, three more key differences, in scope, focus, and responsibility, further highlight the distinctions between the two.

“What are the key differences in terms of scope? Governance is broad, it encompasses the entire organizational data practices,” he says, “while compliance is very narrow since it focuses on the specific legal and regulatory requirements. In terms of focus, governance really emphasizes control and accountability, while compliance prioritizes the adherence to the external rules and regulation.”

Governance is typically a broad level of responsibility that can be overseen by a board that monitors risk, amongst other things.

“All those are part of the governance, while compliance is usually managed by a dedicated team or department. A risk department looks at compliance and then usually the legal department makes sure that any organization is compliant with all the legal requirements within that industry,” says Cisse.

As AmeriCorp’s former CIO, Cisse led the agency in the formulation and administration of policy and operational activities that promote the effective and efficient utilization of computer technology systems, networks, and equipment.

Cisse is the featured keynote speaker for our “The CIO’s Guide to Enhancing GRC in 2024” live webinar. In this broadcast, we'll reveal ways to make GRC easier and more automated to push your company to the next level.

The event launches on Thursday, June 20, presented by InformationWeek and sponsored by LogicGate. Cisse provided us with some clarity in a video interview.

REGISTER for our live “The CIO’s Guide to Enhancing GRC in 2024” webinar today.

About the Author

Brandon Taylor

Digital Editorial Program Manager

Brandon Taylor enables successful delivery of sponsored content programs across Enterprise IT media brands: Data Center Knowledge, InformationWeek, ITPro Today and Network Computing.
