Security Manager Preparedness

Improved Essays
Before a security manager can “sell” a strategy, the manager must first have a keen awareness of what the organization does and how security fits into it. The security manager must fully understand the organizational mission and what processes within the organization are needed to accomplish the mission. The security manager must be able to identify organizational assets, liabilities and threats. The vulnerability of system processes are identified and rated on a scale as to likelihood. Conducting a proper risk assessment which focuses efforts on the greatest hazards will help mitigate the confrontation of risks which threatens an organization’s survival. Security managers use the preparedness phase in the development of plans in accordance …show more content…
These could be personnel who control departments key to the organization’s function or perhaps the chief financial officer who controls budgeting. There are two reasons for this strategy; it gives the chance for the security manager to become better educated on particular processes while simultaneously communicating security objectives. The security officer may have been intent on implementing a new process only to find out it has been tried before and failed. It might be wise to be armed with critical information before approaching leadership with your plans. Another reason I think its important to involve other team managers is synergy. Personnel within organizations must work together in order to effectuate a common good. Fay (2010) describes the forging of healthy relationships across the board and up and down the organization as part of the “buy-in” process. This is not a one way flow of information but must be part of a mutual process in which security is actively promoted by leadership and made a “visible strategic priority” (Fay, 2010, p. 305). Bringing in people who support the security manager plan could only strengthen any proposals and facilitate the buy-in process. If, for example, the CFO is not in favor of a proposal, the CSO may need to develop a more convincing strategy backed with statistical data. The CSO may have to slightly alter a developing plan before presenting it to leadership based on the input of other members. I think early debate prepares the CSO in the anticipation of an institutionalized response or may expose problems within the plan. Although, this could all be dismissed as a “feel good” strategy, I would submit that we do not operate in a vacuum when making decisions. It is healthy to hear from managers who may suffer the greatest impact from implemented strategies.

Related Documents

  • Improved Essays

    A PMO must fully integrate a risk management process that is able to identify potential risks, with a proactive approach, in order to promptly address each issue and minimize the effects on the project and organization. Along with completing a full risk analysis for every project, common risk factors and the risk tolerances of the organization and stakeholders should be included in the risk management assessment. By considering all of these attributes within the risk management process, a PMO can effectively implement a mitigation plan that will minimize the impacts on projects and present a competitive advantage for the organization…

    • 946 Words
    • 4 Pages
    Improved Essays
  • Superior Essays

    It will also analyze the change control process and identification needed for security for the specific business fields. Process to identify security needs and how it effects the foundation of the policy How can you possibly protect your IT infrastructure if you have no idea what you are protecting it against? That’s why it is important to identify the security needs and/or vulnerabilities thoroughly with a basic risk assessment. So a risk assessment is the process that should be completed first and it will help to identify the security needs. During this process you will be faced with some basic questions that will help to identify your security needs.…

    • 1045 Words
    • 4 Pages
    Superior Essays
  • Great Essays

    Information security policy refers to measures taken by a company in an attempt to control the behavior of the labor force. The policy ensures that no inappropriate activities take place within the working environment. As part of the rules that the policy has to abide by is the compliance with the laws and regulation and the ability to create defense in the court (Peltier, 2016). The management must support and administer the policy in a suitable manner. It is imperative to tailor the policy as a way of meeting the needs of the company.…

    • 1257 Words
    • 6 Pages
    Great Essays
  • Great Essays

    An important question is the cost, which company might have to pay if not protecting the asset. Identify vulnerabilities and threats Once the assets have been known and their values allocated, all the possible vulnerabilities and threats has to be identified for each of them. The security team should identify the vulnerabilities which could affect confidentiality integrity, or availability requirements. All the obtained information need to be documented so that the required countermeasures can be applied. As there might be a large number of vulnerabilities and associated threats that could disturb the assets, it is also important to be properly categorize them.…

    • 1790 Words
    • 8 Pages
    Great Essays
  • Superior Essays

    A good agreement or solutions has to include consequences otherwise there is no motivation to change. I would recommend the CMO or a manager should employ a “carrot not a stick” approach, but sometimes basic consequences are necessary. They have to be substantive such as termination or impact on promotion or monetary such as docking of bonus or salary. How should Dr. Ferrara be coached, and by whom? Is it worth the effort, since he might be retiring soon?…

    • 1114 Words
    • 4 Pages
    Superior Essays
  • Improved Essays

    Being responsive to the external environment enables firms to avoid strategic mistakes. The general environment framework is applied because the firm’s leadership needs to have a plan on how to respond to opportunities and threats from the external environment in order to develop superior products. Therefore, understanding the general environment enables the firm increase the probability that the firm’s strategies developed will appropriately align to the firm’s general environment The general environment framework is applied and monitored at all times. What are the challenges in applying this framework? How do you address those challenges?…

    • 1022 Words
    • 5 Pages
    Improved Essays
  • Superior Essays

    Not a perfect concept, but an entryway into exploring what fundamental, sustainable change in our organizations would look like” (Block). Taking a look at the culture and change stewards, it is essential that Human Resource Managers engage themselves and become familiar with clients as well as with employees. It is also important that managers maintain flexibility, accept change, and utilize respected employees who take pride in their work and seek success for the company. When employing the concept of stewardship, employees may begin to rely on oneself rather than requesting the next task at hand. Allowing qualified employees the authority to assist with change as well as the ability take to the proper steps in order to resolve conflict, removes some of the burden that otherwise, Human Resource Managers are presented with.…

    • 1985 Words
    • 8 Pages
    Superior Essays
  • Improved Essays

    Leaders need to ensure that they process they use to ultimately succeed in creating organizational change is one that is clear and flexible. Establishing a define process that has a clear path forward will offer the best chance of success. Leaders would do well to ensure that need is required (Fernandez, S., & Rainey, H., 2006). In order to persuade others that change is needed, the leader must define what needs to be change, why it needs to be changed, and how change will impact the organization in the future. These three variables will help the leader ultimately sell the necessity for change.…

    • 1323 Words
    • 6 Pages
    Improved Essays
  • Great Essays

    It is important for the leader to identify substantial positive feedback more so than negative to effectively enhance to develop performance measures. Since feedback is an important aspect in developing employees and groups, it equally important of knowing when and where to provide feedback. Seeing feedback as an effective tool in affecting behavior, attitudes and motivation, it is equally important not too abuse or loose trust with feedback. The Marketing team undeniably needed the leadership to provide feedback to the personnel and allowing them to understand the situations, solicit upward feedback apart from the surveys, and determine necessary actions required in developing the group.2. Extrinsic Rewards.…

    • 2382 Words
    • 10 Pages
    Great Essays
  • Improved Essays

    My main goal is to conduct a CIA Triad (Confidentiality, Integrity, and Availability) to the information system by providing and ensuring this is practiced by my employees. But before being able to manage these goals I would have to look deep into the company vulnerabilities and reduce any possible risk to an acceptable level. There are several decisions I can make upon the risk findings discover such as Risk Mitigation. In this process patches may be install to help reduce the risk or fix the problem that originated. With the standards, regulations, and policies implemented a guidebook will be form that will show the guidance to take if certain threats arise that can harm the company.…

    • 700 Words
    • 3 Pages
    Improved Essays