Thursday, October 17, 2019
The Rookie Chief Information Security Officer Term Paper
The Rookie Chief Information Security Officer - Term Paper Example The human resource management department, finance department and operation department should present the security challenges faced (Cullen, 2011). IT Compliance Officer, Security Officer, Privacy Security Personnel and IT Security Engineer should also present the problem faced in their daily duties. The report from each office and department should be presented to the Chief Information Security officer for evaluation. Security manager and CISO will use the report to implement policies and procedures, which will ensure sufficient security in the organizations. After evaluation of the report, they will recommend the applicable points and do away with points which will not lead to improvement of the security. They will apply professional ethics and come up with other policies left by the departments. After completion, they will forward the draft to the General Manger. The GM will forward to the Board of Directors who will hold a meeting with the Security Manger and CISO to evaluate each policy and procedure. After evaluation, the board of directors will sign the draft for approval. Then the security department will ensure that each employee in every department has a copy or is aware of the policies. Security department will also ensure sufficient training to all departments to create awareness of security policies to each employee. The employees will help in reinforcing the policies (Neil, 2009). ii. Reporting Structure Chain of command will ensure smooth running of the organization. Each employee will be reporting to the person next in command. The organizational chart above represents the reporting channel. Security guarding and escort services will be provided by a contracted guard force. Guard will provide physical security services, public relationship services and patrol and escort services. Guards will ensure sufficient security for the organizationââ¬â¢s asset and employees. They will provide assistant to customers visiting the organization by showing t hem location of offices. The guards will be managed by their supervisor who will report directly to the Security Officer. Security Officer will be responsible for maintenance of physical security. He/she will ensure that the contracted guard force maintains discipline and ethics (Mark, 2007). He will also check and record the available assets each day and carry out investigation in case of theft. Security officer will report direct to the CISO. The IT Security Engineer and the IT Security Compliance Officer will work to ensure that the information technology devices are maintained. They will ensure the hardware and software are maintained. They will evaluate the effectiveness of each device. They will provide a report in case of damage, loss and change of devices. They will report direct to the CISO. The Privacy Security Professional or the Investigation Officers will investigate theft, fraud and employee dishonest. They will carry out investigation in case of asset theft, cash thef t by employees and misconduct of the employee (Neil, 2009). In case of conflict between the employees, the investigation officer will carry out an inquiry to establish the source of the problem. Privacy Security Professionals will report direct to the CISO. The CISO will report to the Security Manager. The Security manager will be respons
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment