Home > Security Tips > Risk Management Strategies > Six key practices for a successful interdepartmental security committee
Security Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

RISK MANAGEMENT STRATEGIES

Six key practices for a successful interdepartmental security committee


Al Berg, CISSP
05.25.2004
Rating: -4.09- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


I know, I know – the thought of forming yet another committee and setting up yet another meeting on your crowded calendar is enough to make you roll your eyes. However, when properly organized and run, an interdepartmental security committee (ISC) can provide the infosec professional with valuable information, assistance when a crisis hits, and maybe most importantly, a closer relationship with business units. In many cases, the impetus for starting an ISC is the writing of policies to govern information security in an organization.

Here are some best practices to help you form and make the most of an interdepartmental security committee (ISC) in your organization:

Properly focused on the security needs of the business, an interdepartmental securi



ty committee can extend the reach of your corporate infosec department into the business units and build an organization-wide awareness of security as a business enabler rather than as a barrier to growth.

About the author
Al Berg, CISSP, is a technical director in the Corporate Information Security Department of a firm providing computer services to the financial services industry. Al has been in the information security industry for more than 10 years and has provided consulting services to major corporations and the U.S. Defense Department. Al has spoken at numerous industry conferences in the U.S. and Europe, and has published many articles on networking and security topics, including some in our sister publication Information Security magazine.

Rate this Tip
To rate tips, you must be a member of SearchSecurity.com.
Register now to start rating these tips. Log in if you are already a member.




BROWSE BY TAG
Security Awareness Training and Internal Threats,   Information Security Management,   Risk Management Strategies,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Security Awareness Training and Internal Threats
Twitter risks, Facebook threats trouble security pros
Social engineering training could disrupt botnet growth
How to write a risk methodology that blends business, security needs
Risk management must include physical-logical security convergence
Tabletop exercises sharpen security and business continuity
Security policies need simplifying, expert says
Microsoft IE 8 security only benefits educated users
Security book chapter: The Truth About Identity Theft
How to integrate the security of both physical and virtual machines
Laid off workers likely to steal company data, survey warns

Risk Management Strategies
Cloud computing security: Choosing a VPN type to connect to the cloud
Cloud computing security: Routing and DNS security threats
Cloud computing security model overview: Network infrastructure issues
How to align an information security framework to your business model
When to use open source security tools over commercial products
Vulnerability test methods for application security assessments
Security book chapter: Applied Security Visualization
The 100-day plan: Achieving success as a new security manager
Recovering stolen laptops one step at a time
How to get information security buy-in from the executive team

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
dumpster diving  (SearchSecurity.com)
Honeynet Project  (SearchSecurity.com)
insider threat  (SearchSecurity.com)
National Computer Security Center  (SearchSecurity.com)
pretexting  (SearchCIO.com)
shoulder surfing  (SearchSecurity.com)
single-factor authentication (SFA)  (SearchSecurity.com)
social engineering  (SearchSecurity.com)
Total Information Awareness  (SearchSecurity.com)
trusted computing  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Research Solutions for Network Security, Access Control and Security Threats
More Security Resources for Resellers, VARs and OEMs
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts