Security Roles And Responsibilities : A Security Manager Of A Medium Size Business Of 400 Employees

855 Words Feb 18th, 2016 4 Pages
If I will newly hired as IT Security Manager of a medium size business of 400 employees and have 6 personnel in our security department. My company CIO asked about the security plan of company, as a manger of IT company, I need to secure the data of company is my responsibility. Security strategy plan helps to prepare an organization to face any type of unwanted security issues. As a security manager first thing I will do the Identification of threat, assessment of risk and controlling and mitigation actions should be planned, implementation of recovery strategies and continuity planning, and final step is documentation.
I will plan my thoughts in an order
• Establishing security roles and responsibilities
• Training to employees
• Network Protection
• Threat identification
• Risk assessment and continuity planning
• Recovery strategies and crisis management
• Implementation of security policy
Establish a security roles and responsibilities:
First thing I will clearly identify the company data ownership and employees roles for security oversight and their inherit privileges including necessary roles and the privileges and constraints of the roles. The employees only have the authority to access the systems of the company according to their roles. Depending on the type of data regularly used I will prepare a separate polices to protect the data. If an employee can hold multiple roles may leads miss interruption then leads to crush the data (Whitman,…

Related Documents