
the need

Governance is about how companies should be run, in the context of society as well as the law and best practice.
Understanding and managing governance is an inherent part of the compliance process. Without the proper governance policies and procedures in place, the company cannot achieve compliance with relevant regulations and laws.
Below we provide you with information and links to get more details about the various services and tools we offer that help your bottom line.

Governance describes the mechanisms an organization uses to ensure that its constituents follow its established processes and policies. It is the primary means of maintaining oversight and accountability in a loosely coupled organizational structure.

A proper governance strategy implements systems to monitor and record what is going on, takes steps to ensure compliance with agreed policies, and provides for corrective action in cases where the rules have been ignored or misconstrued.

Governance provides the structure and processes required for a company to be in compliance with new legislation. In fact:

    1 – Governance means how an organization controls its actions.
    2 – Failure to govern may result in not being compliant with regulations and laws. It could cause damage to the company’s reputation and its brand, and loss of customer trust.
    3 – To tackle this challenge, the company must develop, implement and administer a proper governance strategy. The latter must provide for corrective action in cases where the rules have been ignored or misconstrued.

CyTRAP Labs provides clients with tools that facilitate the:

    – better organization of governance activities, and
    – better controls and structuring including documentation for corporate governance.

One example is the crash-landings of the SAS Q400 planes during fall 2007. These raised some questions about how Scandinavian Airlines manages its governance regarding maintenance and engineering.
Possible difficulties have resulted in three landings with Q400 type planes from Bombardier (2 in Sept. and 1 in Oct.) and 1 with an MD-80 in August with landing-gear problems. These cases go way beyond what is usually considered to be normal:

SAS governance – after 2 crashes we expected proper risk assessment but got another crash-landing instead (UPDATE 1)

Also of interest:

Regulation that matters: What is the difference between a standard, policy, guideline and a procedure?