您的位置: 首页  >  文章  >  项目治理框架中的角色职责_安全治理中的安全角色和职责

项目治理框架中的角色职责_安全治理中的安全角色和职责

分类: 文章 2023-12-27 19:55:39
项目治理框架中的角色职责_安全治理中的安全角色和职责

项目治理框架中的角色职责

Security role is the part where an individual plays in a complete organization security implementation and administration. In this tutorials different security roles and responsibilities in an organization.

安全角色是个人在完整的组织安全实施和管理中扮演的角色。 在本教程中,组织中的不同安全角色和职责。

高级经理 (Senior Manager)

Senior Manager is responsible for all organization security. Senior Manager will have following roles and responsibilities

高级经理负责所有组织的安全。 高级经理将具有以下角色和职责

  • Sign off all policy issues

    签署所有政策问题
  • Endorse security policy

    认可安全政策
  • Sole responsibility on security failure or success

    安全失败或成功的唯一责任
  • Tracking security solutions

    跟踪安全解决方案

安全专家(Security Professional)

Security professional are word horse of the security in an organization. The implementation mainly relies on Security Professionals. Security Professionals may have following roles and responsibilities

安全专业人员是组织中安全性的代名词。 该实施主要依靠安全专业人员。 安全专业人员可能具有以下角色和职责

  • Have functional responsibility of security

    承担安全的功能责任
  • Writing security policies

    编写安全策略
  • Implementing security policies

    实施安全策略
  • Designing security solutions

    设计安全解决方案

资料拥有者(Data Owner)

Data Owner the roles who actually owns the corporate data in an organization. This is generally upper level manager who is responsible for the given operations. But as we expect managers generally do not manage operations so they delegate this responsibility to the Data Custodian.

数据所有者实际拥有组织中公司数据的角色。 通常是上级经理,负责给定的操作。 但是,正如我们期望的那样,管理人员通常不管理操作,因此他们将这一责任委托给数据托管人。

数据保管人 (Data Custodian)

Data Custodian role is responsible to implement protection measures prescribed by security policy and senior management. Generally get delegation from upper level managers

数据托管人角色负责实施安全策略和高级管理层规定的保护措施。 通常从上级经理那里获得授权

用户(User)

User the services and data consumer with little or no privileges. Users should comply with organization provided security protection and standards

使用很少或没有特权的服务和数据使用者。 用户应遵守组织提供的安全保护和标准

审核员(Auditor)

Auditor is role for reviewing and verifying security policy implementation and operations. Auditor should have some related or special training for the part he audits. Auditors generally provides reports about their audits to the managers.

审核员是审核和验证安全策略实施和操作的角色。 审核员应该对他审核的零件进行一些相关或特殊的培训。 审计师通常向经理提供有关其审计的报告。

了解更多什么是TPM? TPM的制造,管理和维护

翻译自: https://www.poftut.com/security-roles-and-responsibilities-in-security-governance/

项目治理框架中的角色职责