Abstract

This chapter covers practical information rarely found in other volumes on information security management. It discusses factors that are becoming increasingly significant as subjects of auditing inspections and of interest to regulatory authorities. First, reporting lines: the advantages and disadvantages of the most common positions for the security team within an organization. These include basing the team in the IT department, where the role suffers a bias toward computer security, or in the auditing department, where the role can lose its proactive character and become a mere subsection of auditing. Although reporting to the CEO or CTO is the most influential and ideal placing to bring a “whole organization” aspect to the role, there is a risk that the chief information security officer (CISO) could lose touch with operational activity. Second, team functions: the typical functions that a chief security officer and his team should perform vary from organization to organization. Functions usually include operation security, security consultancy, and compliance.
