Security Basics mailing list archives

RE: best place for IT Security team in the company organisation

From: "Mngadi, Simphiwe (SS)" <Simphiwe.Mngadi () sasol com>
Date: Mon, 13 Aug 2007 12:35:39 +0200

Part of the ITSec is governance under the office of the CIO and the
other operational under IT. All risks are operational and are only go to
CIO/IT Director when escalated depending on your companies risk matrix
(probability and impact to the organization) and type of risk, such as
strategic risks, and SOX risks. The best to address this is through a
Governance IT Security and Risk Management committee.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of soul
Sent: 08 August 2007 18:52 PM
To: listbounce () securityfocus com; security-basics () securityfocus com
Subject: best place for IT Security team in the company organisation

Hi All
In my company , there is a issue regarding the ITSEC Team place in the
company organisation. We have IT Department with telecoms & network
division, Applications development Division, and Business process
Division.
Initially, the ITSEC team is rattached directly to Director of the IT
Department office. But now, some people want the Security Team to be
splited as follow in two :
 - strategy, BCP & policies rattached to IT Director office or the
Vice-president office
-  and security operations (only Firewall admin, VPN implementation and
admin)  rattached to the telecoms and network Division.

Could you advice me on the issue..... some best practices...

thank you


 
________________________________________________________________________
_____ 
Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo!
Mail 


----------------------------------------------------------------------------
NOTICE: Please note that this eMail, and the contents thereof, 
is subject to the standard Sasol eMail legal notice which may be found at: 
http://www.sasol.com/legalnotices                                                                                       
                   

If you cannot access the legal notice through the URL attached and you wish 
to receive a copy thereof please send an eMail to 
legalnotice () sasol com
----------------------------------------------------------------------------

Current thread:

best place for IT Security team in the company organisation soul (Aug 08)
- Re: best place for IT Security team in the company organisation Kenneth Swain (Aug 08)
- RE: best place for IT Security team in the company organisation William Shepherd (Aug 08)
- RE: best place for IT Security team in the company organisation Mngadi, Simphiwe (SS) (Aug 13)
- <Possible follow-ups>
- Re: best place for IT Security team in the company organisation pks (Aug 09)
  - Re: best place for IT Security team in the company organisation SherpaJoe (Aug 10)
- Re: best place for IT Security team in the company organisation Doug Schlachta (Aug 10)