CISO/Security Team roles and functions

[soul <soul1273 () yahoo fr>]

Hi All,
In my organization, the IT security Team is in charge of risk management, security policies, and 
administration/management of access, rights and authorization for in some applications (SAP, SWIFT,...)and Firewals 
administration for traffic authorization on the network. But the new network division chief said that the security team 
should only provide security policies but not firewalls administration. He want the network team be in charge of the 
Firewalls administration. He said firewalls administration is operational security and should be perform by network 
team. But, I respond to him that there is need of segregation of duties and responsibilities. the Firewalls are 
installed by Network team but the administration of firewalls is perform by IT Security team like for the applications.

What can or should be the roles and functions of a security team in an organization?
There is a confusion concerning some terminologies: OPERATIONAL SECURTY, SECURTY ADMINISTRATION,....

thank you.


      _____________________________________________________________________________ 
Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail http://mail.yahoo.fr