The development of a company’s employees is of major importance. Ultimately progress and growth are what everyone’s after, but in order for that to happen, processes, workflow and ethnicity must be all under control.
In order to create a secure operations environment, an organization needs to build its structure and staff it in line with the proper approach to the human factor in Information Security. Failing to do so usually results in lack of direction, misplaced responsibility and ultimately, operational disruptions.
THE TOP-DOWN APPROACH – Information Security is never built from the bottom up. Do not assume that everyone in the organization is tuned-in to what (and how) needs to be done regarding Information Security. The major roles are usually defined as:
Senior Management – creates information security program and ensures proper and adequate staffing and funding and has organizational priority. It is responsible for ensuring organizational assets are protected.