The objective of Security Governance is to establish a business-driven, regulated and risk based approach towards Information Security that is governed by the leadership team, communicated with internal and external stakeholders, and continuously reviewed and improved across the organisation.​