Crisis Management Days

Multilayered Approach to Information Security Governance in Distributed Organisational Architectures

Igor Znika

Krunoslav Bilić

Jurica Đurić

Keywords: Information Security Governance, Distributed Systems, Multilayered Security, Hybrid and Cloud Environments, Risk Management, Security Architecture, Policy Standardization, Continuous Monitoring, Organizational Resilience

---

Abstract

A multilayered approach to information security governance recognizes that modern organizational architectures operate across heterogeneous and geographically dispersed environments, including on-premise systems, cloud infrastructures, and edge computing nodes. Governance must therefore be structured across multiple layers—network, infrastructure, application, data, and user - each with clearly defined controls, responsibilities, and risk management practices. Such an approach enables the implementation of defense-in-depth strategies, where security mechanisms are distributed and mutually reinforcing, reducing systemic vulnerabilities. Standardization of policies and interoperability of security controls are critical to maintaining consistency across diverse platforms and technologies. Additionally, governance frameworks must incorporate centralized visibility and decentralized enforcement, supported by continuous monitoring, automation, and real-time analytics. Organizational coordination, including cross-functional collaboration and clear accountability structures, plays a key role in ensuring effective governance. Ultimately, a multilayered governance model enhances resilience, scalability, and adaptability in complex distributed environments.