Part 1 (1000 words) : Describe the differences between law and policy. When is one more appropriate than the other? What are the associated benefits / drawbacks associated with each?
Part 2: (each question 300 words)
What is Information Security Governance?
Common roles involved in Security Governance.
Security Governance Documentation
Policies utilized within the Governance process
Measures / methods to ensure governance compliance.
References