Computer sciences and Information technology - Essay Example

Computer sciences and Information technology What functions constitute a complete information security program? Network security administration, responses to incidents,, management of risks, measurement, centralized authentication, system security administration, assessment of legal claims, coaching, susceptibility assessment, testing systems, goals and adherence. What is the typical size of the security staff in a small organization? A medium sized organization? A large organization? A very large organization?

The smallest has one fulltime and one or two assistants The second one is medium sized with one fulltime and two or three assistants Thirdly it is the large one with one of two fulltime admins, sixteen assistants and three to four technicians Lastly it is the large size. The large size has twenty full time admins and forty assistants. Where can an organization place the information security unit? Where should (and shouldn’t) it be placed? Different organizations have different locations and cite advantages and disadvantages for each location.

The best locations are; insurance and risk management, information technology, legal department, operations or administrative services. Locations not advisable include accounting and finance, internal auditing, security, help desk and facilities management. The chain of command as well as recourse allocation is critical for a working placement. Into what four areas should the information security functions be divided? Vulnerability and risk assessment functions which are foreseen by information security docket is the first division.

Duties by IT control and management example training Duties by information security docket example compliance audits Activities done by IT not within InfoSec example administration of r=security network.