This paper discusses rationalizing governance, engineering practice, and engineering economics to produce conformant systems that meet their quality attribute targets for system and software assurance in an optimal, cost-effective fashion. It begins with a description of the governance landscape and addresses defining and trading off system quality characteristics, models for assessing the cost and value of software assurance, addressing multi-dimensional risk, and the delivery of value to the organization, its customers, and its stakeholders.