Selecting the Business Information Security Officer with ECU@Risk and the Critical Role Model
Abstract:
In all 21st century companies and organizations, human component is the main resource with which one counts, since their development and success will largely depend on it. In securing information activities, the human component becomes a strategic element, as those responsible for its management must know in detail the business model, vision, shared values and strategy. These elements, in addition to an applied organizational style model, will allow a business ISMS to achieve the objectives set. Under this premise, a methodology was applied based on the theory of a 20-step selection process developed by Martha Alles, who summarizes the identification, evaluation, selection, hiring and incorporation of suitable staff, allowing to identify the Business Information Security Officer, as suggested by the ECU@Risk methodology. For this purpose, we analyze the main components that make up the recruitment, evaluation, selection and hiring process. The controls to the fulfillment of the corporate goals, the strategic planning and the models of structure and business culture.
Año de publicación:
2020
Keywords:
- information security
- Critical role
- human resources
- ISMS
Fuente:
scopus
googleTipo de documento:
Conference Object
Estado:
Acceso restringido
Áreas de conocimiento:
Áreas temáticas:
- Dirección general
- Ética del trabajo
- Programación informática, programas, datos, seguridad
