Roles, Responsibilities, and Accountabilities
Change is not an easy process for IT organizations, especially when that change pertains to the security of IT infrastructure components and deals with end users. Implementing change and getting acceptance or buy-in for the roles, responsibilities, and accountabilities for information security is paramount. This is critical because of the separation of duties, given the seven areas of information security responsibility. This separation of duties is the result of a defense-in-depth approach to securing the IT infrastructure, where the duties, tasks, roles, responsibilities, and accountabilities are distributed in a layered fashion across the organization. Security controls, procedures, and guidelines ...
Get Inside Network Security Assessment: Guarding Your IT Infrastructure now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.