ABSTRACT

The organisation of information security describes the roles and responsibilities of all staff who engage in ICT security at an operational level. Many organisations already have an Information Security Officer (ISO), more commonly called a Chief Information Security Officer or CISO. The goal of physical security is to make an attempt to access or steal an asset too expensive for an attacker to be worth making. Physical security should also prevent accidental access to, or damage of, assets. Applied to ICT/cyber security, this includes physical controls such as walls, floors, ceilings, doors, locks, cages, CCTV, alarms and so forth, plus controls that lock down hardware to prevent tampering and removal. The goal of logical security is to ensure that only authorised users can access and use systems or the data they hold, and that all usage is in accordance with defined policies.