The Difference Between Governance and Compliance
Digital Sources LLC’s Executive Director Pape Cisse emphasizes the importance of governance and compliance in navigating data security and privacy, and previews his upcoming keynote presentation for the live webinar “The CIO’s Guide to Enhancing GRC in 2024,” launching Thursday, June 20.
Though governance and compliance are terms that tend to be used interchangeably, there are important differences between them. Governance serves as the overall framework for decision-making by setting the policies and standards for privacy and risk management, while compliance is the act of adhering to the established regulations of an industry.
According to Pape Cisse, three more key differences, in scope, focus, and responsibility, further highlight the distinctions between the two.
“What are the key differences in terms of scope? Governance is broad, it encompasses the entire organizational data practices,” he says, “while compliance is very narrow since it focuses on the specific legal and regulatory requirements. In terms of focus, governance really emphasizes control and accountability, while compliance prioritizes the adherence to the external rules and regulation.”
Governance is typically a broad level of responsibility that can be overseen by a board that monitors risk, amongst other things.
“All those are part of the governance, while compliance is usually managed by a dedicated team or department. A risk department looks at compliance and then usually the legal department makes sure that any organization is compliant with all the legal requirements within that industry,” says Cisse.
As AmeriCorps’ former CIO, Cisse led the agency in the formulation and administration of policy and operational activities that promote the effective and efficient utilization of computer technology systems, networks, and equipment.
Next on the list: Cisse is our featured keynote speaker for the live webinar “The CIO’s Guide to Enhancing GRC in 2024.” In this broadcast, we'll reveal ways to make GRC easier and more automated to push your company to the next level.
The event launches on Thursday, June 20, presented by InformationWeek and sponsored by LogicGate. Cisse provided us with some clarity in a video interview.