is4profit small business free small business information and advice
Small Business Ad
Home Business Advice IT & Telecoms Information Security For Business
Wednesday, 20 August 2008
Main Menu
Home
Business Advice
Business Courses
Business Directory
Find an IFA
Mobile Broadband
Mobile Phone Guide
Personal Finance
Phone Legal Advice
Products & Services
Small Business News
Trade Associations
Hot Links
Win learndirect courses worth over £200
Release the Potential of your Workforce
The fastest, most reliable mobile broadband for business from Vodafone
Guide to Energy Performance Certificates for Buildings
Business Vehicles
Search Engine Marketing
Government Grants
Article Index
Information Security For Business
Introduction
What Is Information Security?
Why Is Information Security Important To Me?
What Is The Best Approach To Provide Security?
What Roles and Responsibilities Should I Consider?
What Security Do I Need?
How Do I Develop My Security Policy?
How Do I Provide Security Solutions?
Further Advice
Page 6 of 10

Information Security For Business

Small Business Ad

What Roles & Responsibilities Should I Consider?

Effective protections of our homes requires someone to take responsibility for ensuring that effective security controls are in place, such as ensuring that appropriate building and contents insurance is obtained.

In the same way, someone in your organisation should take responsibility for ensuring that your company information is protected appropriately.

For information security to be effectively implemented it is essential that security related roles are defined. All staff within your organisations should know who fulfils these roles and what their general responsibilities are.

To enable information security procedures to be effectively implemented, it is essential that specific responsibilities are allocated to nominated employees.

For example:

Chairman, and top management: formally endorse (and actively support) the company security policy.
Information Security Manager: develop, implement and periodically review the company security policy and procedures.
Users: follow the procedures set out in the company security policy.

Responsibilities may vary according to the size and nature of the organisations. Some may not need a full-time Information Security Manager, but nevertheless the role should be clearly defined within a specified employees job description. On the other hand, large organisations may need to employ a number of people to carry out this role.

The security organisation should complement the business processes.
 
< Prev   Next >