Demonstrated good judgement
An information security manager will be called upon to make many judgments that conceivably could have a profound impact on the future of your organization. For example, if the manager makes a bad call on an architecture decision, your organization could be widely discussed on the front page of the newspapers. This could cause the organization's reputation to suffer in a very big way. On another note, if the manager is a former hacker, this background is not convincing evidence of good judgment. It is one thing to know about system penetration tools and techniques, and it is a very different thing to actually use this information to break into a system without the involved organization's formal written consent. A successful information security manager should have a good track record of decision-making in a variety of situations, including those where both management pressure and a quick response were important factors.
![]()
INFORMATION SECURITY MANAGER QUALIFICATIONS
![]()
Introduction
Excellent communication skills
Good relationship management skills
Ability to manage many important projects simultaneously
Ability to resolve conflicts between security and business objectives
Ability to see the big picture
Basic familiarity with information security technology
Real world hands-on experience
Commitment to staying on top of the technology
Honesty and high-integrity character
Familiarity with information security management
Tolerance for ambiguity and uncertainty
![]()
Demonstrated good judgement
Ability to work independently
A certain amount of polish
![]() By Charles Cresson Wood 278 pages; $495 Published by Information Shield Download Appendix B, Personal Qualifications |