Familiarity with information security management |
 |
| 08 Sep 2005 | Information Shield |
|
|
The information security manager must know about
the elements of an information security organizational
infrastructure. These elements includes responsibilities,
policies, standards, procedures and the like (a list of
these is provided in "Current Documents"). The
manager must also be familiar with, and know how to
use, generally accepted information security management
tools such as risk analysis software and
contingency planning software. This manager must
additionally be aware of other information systems
management tools that can be used to enhance information
security; one commonly deployed example is a
network management system. If the manager is not
familiar with information security management tools
and approaches, he or she will not be able to marshal the
limited information security resources to the organization's
best advantage. This in turn will lead to problems
like unnecessary costs and delays in developing new
systems. For example, the manager may then suggest a
manual solution when an automated solution is current
available and more cost-effective.
INFORMATION SECURITY MANAGER QUALIFICATIONS
 Introduction
Excellent communication skills
Good relationship management skills
Ability to manage many important projects simultaneously
Ability to resolve conflicts between security and business objectives
Ability to see the big picture
Basic familiarity with information security technology
Real world hands-on experience
Commitment to staying on top of the technology
Honesty and high-integrity character
Familiarity with information security management
Tolerance for ambiguity and uncertainty
Demonstrated good judgement
Ability to work independently
A certain amount of polish
|
Information Security Roles and Responsibilities Made Easy, Version 2
By Charles Cresson Wood
278 pages; $495
Published by Information Shield
Download Appendix B, Personal Qualifications
|
|
|
|
|
|
