Text only site | Graphic site
Site Navigation:
Understanding | Planning | Building | Protecting | Managing | Improving
In this section:
About protecting | Why be secure? | Where do I start? | What can I do? | Key issues | Top ten e-security tips
In this sub-section:
The security program lifecycle | Who will administer and manage the process? | Who should be authorised to access data? | How do I know who is accessing my information? | How do I keep track of everything?
Implementation is a critical area and it requires good project management to balance the implementation of the controls and the associated costs. There is a wide range of internal and external resources available to accomplish this, but at a basic level every organisation going down this pathway needs to identify a specific person responsible for information and system security.
In larger organisations this is the principal role of the Chief Information Officer (CIO). In smaller organisations it may be the responsibility of a single person who also has other responsibilities within the organisation.
In some cases an external provider may undertake this role, in which case it is vital that you understand what support and service the outsource company will supply.
The key is to identify who is responsible for what and not to assume that security has been addressed by a third party.
Graphic site
Last date modified:
16 May 2009
Page URL: http://www.e-businessguide.gov.au/protecting/what/spl/implement