chapter  7
30 Pages

Tying It All Together

Tales from the Security Consultant Working as consultants in a large organization, we were assigned to work with the information technology (IT) group to perform a risk assessment that related to the systems within the human resources function. It should be noted that within this organization, the security program was located within this IT group, and the head of IT also served as the chief information security offi cer (CISO) for the organization.