Security Basics mailing list archives
Re: CISO/Security Team roles and functions
From: HITESH PATEL <hitesh50 () yahoo com>
Date: Mon, 4 Feb 2008 09:16:36 -0800 (PST)
Operational Security under Head of IT-Operations does make sense in order to provide efficiency in timely manner. Head of IT-Operations can have Operational Security under him as long as there is Oversight team from INFOSEC looking into the work (or alteast on the approval chain of Firewall changes) ----- Original Message ---- From: soul <soul1273 () yahoo fr> To: security-basics () securityfocus com Sent: Monday, February 4, 2008 7:21:21 AM Subject: CISO/Security Team roles and functions Hi All, In my organization, the IT security Team is in charge of risk management, security policies, and administration/management of access, rights and authorization for in some applications (SAP, SWIFT,...)and Firewals administration for traffic authorization on the network. But the new network division chief said that the security team should only provide security policies but not firewalls administration. He want the network team be in charge of the Firewalls administration. He said firewalls administration is operational security and should be perform by network team. But, I respond to him that there is need of segregation of duties and responsibilities. the Firewalls are installed by Network team but the administration of firewalls is perform by IT Security team like for the applications. What can or should be the roles and functions of a security team in an organization? There is a confusion concerning some terminologies: OPERATIONAL SECURTY, SECURTY ADMINISTRATION,.... thank you. _____________________________________________________________________________ Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail http://mail.yahoo.fr
Current thread:
- CISO/Security Team roles and functions soul (Feb 04)
- Re: CISO/Security Team roles and functions Sergii Khomenko (Feb 04)
- RE: CISO/Security Team roles and functions Worrell, Brian (Feb 05)
- <Possible follow-ups>
- Re: CISO/Security Team roles and functions HITESH PATEL (Feb 04)
- Re: CISO/Security Team roles and functions amatachick (Feb 05)
- Re: CISO/Security Team roles and functions WALI (Feb 06)
- Re: CISO/Security Team roles and functions Sergii Khomenko (Feb 06)