Chief Security Officer (Director of Security) Outside Security Consultants

Information Security Manager

Security Compliance Officer

Physical Security Manager

Information Security Technician

Physical Security Officers

Firewall Technician

The above chart depicts the security departments layout. This is for an imaginary company that needs to take security very seriously and has put it as its highest priority. As you can they have placed The CSO at the top of the security ladder with all other departments reporting directly to the CSO who in turn reports directly to the comapanys CIO. The other departments that fall under this chart are the Information Security, Physical Security and Security Compliance departments with all outside contractors reporting to the CSO as well. Below are brief description of each position. CSO: Director of Security, Manages security programs and all security departments. Oversees all processes with policiy making, staffing, planning, budgeting and implementation. (CISSP accredation required) Information Security Manager: manages the developemnt of infosec programs and controls reports directly to the CSO. Communicates performance evaluations of security programs along with risk assessmentsand the management of staff under them. (SSCP required) Infosec Technician: The position of the Infosec technician will include but not be limited to implementaiton of new hardware and software, diagnostics and troubleshooting coordinate with outside departments to ensure proper function of the security technology.(SCNP or equivalent required) Firewall Technician: Maintains firewalls on a day to day basis to ensure proper function. Implements new firewalls rules as instructed and monitors firewalland network activity. (SCNS or equivalent required) Security Compliance Officer: Monitors all departments with organization to ensure all security practices are being followed. Reports directly to CSO, manage and conduct reviews of security compliance develop and institue compliance programs and guideline. (CISM resquired)

Physical Security Manager: Manages all aspects of physical security and the personel assigned. Will create and implement physical security procedures and ensure that it is upheld through the force of qualified sercurity personel. Handles department budgeting and equipment roll out. Reports directly to CSO. Physical Security Officer: Maintains the policiy and procedures put in place by the PSM. Goal is to maintain a safe and secure work enviroment. Included but not limited to monitoring of surveillance systems, building and lot access control, company checkpoints, security patrols and employee terminations.

This approach should give them the security they are looking for. It implents all aspects of the security process and also adds a system of checks and balances with the Security Compliance Officer. When filling out the chart and the brief descriptions I tried to make sure everyone had a clear job and that there wasnt a large amount of overlap in each category this allows each person to be more effective.