The Enterprise

No matter the size of an enterprise, whether it is a public or private enterprise or whether it is a single or multicountry enterprise, there is a need for an information security professional in the organization. The information security professional’s responsibilities can be far and wide, depending on the size of the organization. Can an enterprise afford a team of information security professionals? How many should be dispersed through the enterprise? These questions need to be answered through an enterprise risk assessment before an information security team can be built and assigned to an enterprise organization. There is no right or wrong placement within the enterprise, as long as the mission and tasks can be completed by the information security team.