Resumen
Enterprises are now operating in the network economy. The network economy is dependent on the information infrastructure via the Internet. Organizations of all types (business, academia, government, etc.) are facing risks resulting from their ever-increasing reliance on the information infrastructure. Because of this, the US government implemented a number of legislations to secure cyberspace. This paper will examine the issue of Information Security Governance (ISG) of an enterprise information system, it will elaborate on the ISG framework, discuss the legislations and finally, assess how ISG can be framed to meet legislations to show due diligence and continuous process monitoring.