Firstly, discuss the ideal information security governance structure by referring to the organisational hierarchy, information security positions it should comprise, reporting lines and where the office of the chief information officer should reside.

Secondly, critically analyse the information security governance structure of your organisation and make recommendations for its improvement, where applicable.

Use a diagram for the current and proposed structure of the case study organisation; and discuss and motivate your recommendations. Make sure that you indicate where the chief information security officer $($CISO$)$ should reside in the governance structure with proposed reporting lines and motivate your answer. Include aspects such as the position of the office, the roles, committees, reporting, other business units and the like to include in the structure. $($You must include the current and proposed structure diagrams $$ thus two diagrams$).$