Ability to work independently

This book chapter covers the qualifications of an information security manager who is able to work independently.

The information security manager must be able to work independently without direct supervision or encouragement. In many cases, top management will not know exactly what he or she is doing. At the same time the manager must be accountable to top management and the Audit Committee on the Board of Directors.

The manager must be able to stay focused and get things done, even though the resources at his or her disposal are quite limited. The manager must also be accustomed to taking the lead and not waiting for users or other groups to tell him or her what to do.

From the editors

Learn more about how coworking facilitates working independently in IT, and watch this video case study about how the HoneyBaked Ham company fostered successful business collaboration between two independent business groups.

A deep and abiding commitment to improve the information security status of the organization must carry the information security manager through the inevitable contentious and difficult situations that he or she will encounter. To work independently, the manager must be creative, proactive and inspired by a vision of how things could be.


  Excellent communication skills
  Good relationship management skills
  Ability to manage many important projects simultaneously
  Ability to resolve conflicts between security and business objectives
  Ability to see the big picture
  Basic familiarity with information security technology
  Real world hands-on experience
  Commitment to staying on top of the technology
  Honesty and high-integrity character
  Familiarity with information security management
  Tolerance for ambiguity and uncertainty
  Demonstrated good judgement
  Ability to work independently
  A certain amount of polish


Information Security Roles and Responsibilities Made Easy, Version 2
By Charles Cresson Wood
278 pages; $495
Published by Information Shield

Download Appendix B, Personal Qualifications
This was last published in September 2005

Dig Deeper on Information security program management