Case Study › Departmental Security Coordinator - Responsibilities
Departmental Security Coordinator - Responsibilities
Each business unit within the First Tennessee corporation is responsible for the naming of one or more department security coordinator(s) to provide first‑level security administration for the major functional departments within that business unit.
This section describes the functional responsibilities of the Department Security Coordinator (DSC) at First Tennessee Bank. The DSC role is performed at the department level; all the functions and responsibilities defined here relate to that level.
The mission of the DSC is to assist the Central Security Administrator in the implementation and ongoing maintenance of the corporate data security program.
The DSC will be the focal point for all security‑related communications from a department to the Central Security Administrator.
Specific DSC Administrative Function:
- To document the existing computer application requirements for his/her department, as follows.
- Prepare a complete list of all computer terminals used in your department, including their location.
- Prepare a complete list of all current user IDs, including the user's name, phone number, location (mail code), computer applications used, and primary functions performed.
- Prepare a complete list of all computer files used by your department.
- Prepare a complete list of all computer programs used by your department.
- Prepare a complete list of any current password protected computer files used by your department.
- Prepare a cross reference matrix that relates each individual user to the previously mentioned items, including required read, write, update, scratch, and create authority of computer files for each.
- To validate the implementation of the base controls.
- To select, install, and perform administrative functions for all recommended additional data security controls.
- To regularly receive and review security violation reports and take appropriate actions.
- To report security violations to department management for follow‑up action.
Copyright © 2010 CA Technologies.
All rights reserved.
|
|