information security Especially in cases where the level of informatization of the enterprise’s activities is at a fairly high level of maturity. The above-mention ucational standard, according to which managers in the field of information technology are train, notes the area of information systems security, which allows us to assume that the director of information technology will find a common language with the information security service. Of course, the effect of subordination to the IT service will not be positive if the qualifications of the head of this service do not meet the current professional standard.
Moreover, the lack of communication information security
Skills with top management in phone number library the head of the information security service does not correlate with the lack of professional qualities in the field of information protection and information security management of the enterprise. Here, the most suitable link between top management and the information security service will be the head of the business automation unit of the enterprise, for example, the director of information technology.
Thus, if the head of the enterprise feels
Does not bring any benefit to the business, then it makes sense to try to transfer it to direct subordination. In extreme cases, if the manager has difficulties in communicating with the head of the information security service, then subordinate it to the IT director. It is necessary to look again at the tasks set for the IT service, whether it is developing the information security management system or is engag in a “witch hunt”. Managers ne to understand that the information security service is an effective business management tool.
They just ne to learn how to use it correctly
Remember the last time the head of your organization told the information security manager about business problems. And when was afb directory the last time he was task with analyzing a particular business process? Ask whether the head of your department consult with information security specialists when preparing proposals for improving his area of the enterprise’s business activities. Start using the information security service it is far from certain that for its intend purpose, and you will receive evidence of its necessity in the form of a real increase in business marginality, and not virtual “seemingly prevent” damage from a “seemingly probable” attack.