information security A similar task is perform by quality control and technical control specialists. No one questions why they are ne. The service’s existence in such conditions completely disappears. As a result, the effectiveness of the information security department can be measur in negative values. Instead of coordinating the enterprise’s departments in implementing security measures, the information security service will try to divide them and strictly regulate (read: limit) interaction channels, because this makes it easier to control communications.
Control over the implementation of establish information security
Rules for working with information phone number list will be replac by surveillance, and the rules themselves will be establish not by business, but by the information security service, and will be establish bas on considerations of more complete control, and not the ne to solve the main business tasks of the enterprise. Assessing the effectiveness of information security measures will turn into a “witch hunt”. The security service will evaluate not how information security measures help maintain the continuity of business processes and increase their efficiency, but how accurately the company’s employees comply with the establish rules for working with information and how effectively violations are detect. Sound familiar?
Including the information security service in the structure of departments
That ensure economic, anti-terrorist and other types of internal security, including the enterprise security regime, makes practical sense only if the security goals of the organization set by the manager are consistent with those present in the afb directory State Strategy for Economic Security of the Russian Feration. Otherwise, it is more appropriate to allocate the information security service into an independent structural unit with direct management decisions worth billions subordination to the head of the enterprise. This scheme is the most effective, but has one significant drawback. The head of the information security service must be able to talk to the top managers of the company in a language they understand.