week10 - Week 10 ITC482 Computer Management & Security...

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
ITC482 Computer Management & Security Week 10 Management of Information Security, 2nd ed. - Chapter 10 Slide 2 Learning Objectives Upon completion of this chapter, you should be able to: Identify the skills and requirements for information security positions Recognize the various information security professional certifications, and identify which skills are encompassed by each Understand and implement information security constraints on the general hiring processes Understand the role of information security in employee terminations Describe the security practices used to control employee behavior and prevent misuse of information
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Management of Information Security, 2nd ed. - Chapter 10 Slide 3 Introduction Maintaining a secure environment requires that the InfoSec department be carefully structured and staffed with appropriately credentialed personnel It also requires that the proper procedures be integrated into all human resources activities, including hiring, training, promotion, and termination practices Management of Information Security, 2nd ed. - Chapter 10 Slide 4 Staffing the Security Function Selecting an effective mix of information security personnel requires that you consider a number of criteria; some are within the control of the organization, and others are not In general, when the demand for personnel with critical information security technical or managerial skills rises quickly, the initial supply often fails to meet it As demand becomes known, professionals enter the job market or refocus their job skills to gain the required skills, experience, and credentials
Background image of page 2
Management of Information Security, 2nd ed. - Chapter 10 Slide 5 Staffing the Security Function (continued) To move the InfoSec discipline forward: The general management community of interest should learn more about the requirements and qualifications for both information security positions and relevant IT positions Upper management should learn more about information security budgetary and personnel needs The IT and general management communities of interest must grant the information security function (and CISO) an appropriate level of influence and prestige Management of Information Security, 2nd ed. - Chapter 10 Slide 6 Qualifications and Requirements When hiring information security professionals at all levels, organizations frequently look for individuals who have the following abilities: Understand how organizations are structured and operated Recognize that InfoSec is a management task that cannot be handled with technology alone Work well with people in general, including users, and communicate effectively using both strong written and verbal communication skills Acknowledge the role of policy in guiding security efforts
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Qualifications and Requirements (continued) When hiring information security professionals at all levels, organizations frequently look for individuals who have the following abilities (continued):
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 32

week10 - Week 10 ITC482 Computer Management & Security...

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online