Security Basics mailing list archives

Re: best place for IT Security team in the company organisation

From: Kenneth Swain <ken () kenswain com>
Date: Wed, 8 Aug 2007 12:52:14 -0500


On Aug 8, 2007, at 11:51 AM, soul wrote:

Hi All
In my company , there is a issue regarding the ITSEC Team place inthe company organisation. We have IT Department with telecoms &network division, Applications development Division, and Businessprocess Division.Initially, the ITSEC team is rattached directly to Director of theIT Department office. But now, some people want the Security Teamto be splited as follow in two :- strategy, BCP & policies rattached to IT Director office or theVice-president office- and security operations (only Firewall admin, VPN implementationand admin) rattached to the telecoms and network Division.
Could you advice me on the issue..... some best practices...

thank you

In our organization we have it split where strategy happens in onedepartment and operations happens in another. In my opinion youreally do not want the InfoSec department reporting to the Directoryof IT. It normally does much better when it is set under its owndirector.



Ken Swain
ken () kenswain com
http://kenswain.com

Current thread:

best place for IT Security team in the company organisation soul (Aug 08)
- Re: best place for IT Security team in the company organisation Kenneth Swain (Aug 08)
- RE: best place for IT Security team in the company organisation William Shepherd (Aug 08)
- RE: best place for IT Security team in the company organisation Mngadi, Simphiwe (SS) (Aug 13)
- <Possible follow-ups>
- Re: best place for IT Security team in the company organisation pks (Aug 09)
  - Re: best place for IT Security team in the company organisation SherpaJoe (Aug 10)
- Re: best place for IT Security team in the company organisation Doug Schlachta (Aug 10)