
	Home > Ability to resolve conflicts between security and business objectives

Book Excerpt:

LICENSING & REPRINTS

Ability to resolve conflicts between security and business objectives

08 Sep 2005 | Information Shield

Digg This!

StumbleUpon Toolbar

StumbleUpon

Del.icio.us

The information security manager must be able to clearly see the pros and cons of certain courses of action, and be able to choose and negotiate a compromise which best serves the organization in the long run. Information security is always a compromise because the only absolutely secure information system is an unusable one. The successful manager must have a flexible personality and be comfortable making compromises. He or she must also know about the management tools that can be used to arrive at decisions of this nature (net present value, internal rate of return, payback, Monte Carlo simulation, automated testing tools, etc.). In addition to being familiar with information security technology, the successful manager must also have business skills, business knowledge and a business aptitude. The manager must be able to withstand pressure from various groups with competing objectives and be willing to take a stand for a course of action that is in the long-run best interests of the organization. The manager should not be overly concerned about being popular and well-liked; a manager concerned about popularity will soon be fired for getting nothing done. The manager must appreciate that, in an organization of significant size, information security takes years of dedicated work before it really starts to become part of the corporate culture.

INFORMATION SECURITY MANAGER QUALIFICATIONS

Introduction
Excellent communication skills
Good relationship management skills
Ability to manage many important projects simultaneously
Ability to resolve conflicts between security and business objectives
Ability to see the big picture
Basic familiarity with information security technology
Real world hands-on experience
Commitment to staying on top of the technology
Honesty and high-integrity character
Familiarity with information security management
Tolerance for ambiguity and uncertainty
Demonstrated good judgement
Ability to work independently
A certain amount of polish

Information Security Roles and Responsibilities Made Easy, Version 2
By Charles Cresson Wood
278 pages; $495
Published by Information Shield

Download Appendix B, Personal Qualifications

Digg This! StumbleUpon Del.icio.us

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

TechTarget Security Media

Information Security

View this month\\'s issue and subscribe today.

Information Security Decisions

Apply online for free conference admission.

SearchSecurity.com

SEARCH :

Advanced Search | Site Index

Powered by:

About Us | Contact Us | For Advertisers | For Business Partners | Site Index | RSS

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2003 - 2008, TechTarget \| Read our Privacy Policy