In: Computer Science
List three distinct places in the hierarchy of a large company where you could put a computer security team. Explain the pros and cons of positioning the team in each of these locations.
Define the role of a stakeholder in a security project. List five examples of stakeholders from the business, and explain why they have a vested interest in security policies and processes. Suggest how the CISO or the security team can work to build relations with and involve each stakeholder more in security projects.
Explain how the CISO should work with IT management and business units to get greater support for security projects. Be thorough and offer examples.
Once could place the security team in the following phases:
1) Design
2) Implementation and
3) Testing
The pros of positioning the team are as follows:
1) Finding the prospect is easier
2) Benefits for the decision makers
3) Efficient way of learning
4) It is highly compensated
Cons:
1) Extra work
2) Time consuming
When it come to the role of stakeholders in the Security Project below are the roles :
Some of the examples of Stake holders are as follows :
Creditors, Directors, Employees, Government , Suppliers, Unions etc
As the stalk holders play a vital role in rules and regulations and also are involved in ICT hence involving them are needed.
The security team can involve the Stalk holders in the security projects for ISP development and testing and auditing for letting them know the structure of the team and functioning of the task.
The chief information security officers are help with respect to the risk and cost of the projects and business decisions with IT and provide the in-depth knowledge of the security environments.