Role Responsibility

Security Professionals Skills Matrix - Comparison between Security Specialists, Architects and Professional. The skill set for Security Specialists, Architects and Professionals is slightly different. Below typical task of each career path.

Typical Tasks for Security Specialists:
- Respond to security incidents
- Report on security threats, conduct investigations
- Maintain security infrastructure, including risk and vulnerability assessments
- Research trends and issues related to security threats and control technologies

Typical Tasks for Security Architects:
- Scope and manage projects involving network security resources

What is the cost of non compliances to the regulation? here is the list, from Sarbanes Oxley to HIPAA

Sarbanes Oxley Act
1. Action: Altering, destroying, or concealing any records with the intent of obstructing a federal investigation.
Penalties: Fine and/or up to 10 years’ imprisonment.

2. Action: Failure to maintain audit or review "workpapers" for at least five years.
Penalties: Fine and/or up to 5 years’ imprisonment.

3. Action: Anyone who "knowingly executes, or attempts to execute, a scheme" to defraud a purchaser of securities.
Penalties: Fine and/or up to 10 years’ imprisonment.

4. Action: CEO or CFO who 'recklessly' violates his or her certification of the company’s financial statements.
Penalties: Fine of up to $1 million and/or up to 10 years’ imprisonment.

5. Action: If the violation is 'willful,' the penalty increases. up to 20 years’
Penalties: Fine of up to $5 million and/or imprisonment.

What could give triggers of unethical employee behavior, Here is the list.

1. Efforts to Balance Work and Family

2. Poor Internal Communications

3. Poor Leadership

4. Unbalance Work hours or Work load

5. Lack of Management Support

6. Need to Meet Certain Target (e.g sales, budget, profit goals)

Risk Management Roles and Responsibility according to Institute of Risk Management (IRM). This job description templates can be used to design the Risk Management and Internal Audit functions.

Role of the Board
- The Board has responsibility for determining the strategic direction of the organisation and for creating the environment and the structures for risk management to operate effectively.
- The nature and extent of downside risks acceptable for the company to bear within its particular business
- The likelihood of such risks becoming a reality
- How unacceptable risks should be managed
- The company’s ability to minimise the probability and impact on the business
- The costs and benefits of the risk and control activity undertaken
- The effectiveness of the risk management process
- The risk implications of board decisions

Download Free Business Continuity Management (BCM) Board and Senior Management Roles and Responsibility Templates

1. Business continuity management should be an integral part of the overall risk management programme of financial industry participants and financial authorities.

2. Business continuity management policies, standards and processes should be implemented on an enterprise-wide basis or, at a minimum, embedded in an organisation’s critical operations.

3. An organisation’s board and senior management are responsible for managing its business continuity effectively and for developing and endorsing appropriate policies to promote resilience to, and continuity in the event of, operational disruptions.