The security administration function can live anywhere within the organization. The best place is in a security administration area that reports directly to top management. This allows the function to handle its responsibilities without the compromises that can result from loyalties to the functional area which security administration is part of. It can also be advantageous to include all security functions, including physical security activities, within this area.
Many organizations cannot set up a separate security area. In this case, the security administration function should reside in an area where it will have the power to enforce security. This power should be granted and actively supported by the top management of the organization. The area should also have the manpower available to staff the function. Under these circumstances, the security administration function can live virtually anywhere within an organization.
The classic functional areas chosen to harbor the security function include:
Because it is very involved with the security software itself.
Because requests for access to corporate data are usually made to this area.
Because it is responsible for all processing.
Because it is responsible for ensuring proper access to resources in accordance to policy.
|
Copyright © 2010 CA Technologies.
All rights reserved.
|
|