Summary
In this chapter, we analyzed stakeholder theory, understood compliance needs using the NIST standard, saw the need for governance, and revealed the relationships between risk management, assurance, governance, and compliance, and where each of these should stand within an organization. This can help you deal with regulatory authorities better, take a strong stance on compliance with auditors, and thus make sure that you meet your goals every year and are not troubled by different regulations or standards, using governance, risk management, and assurance to put them in their rightful place.
In the next chapter, we will be delving into detective controls and how they can detect the threats that concern the blue team.