Last week, we studied how the CISO will be placed in the organization. In this post, we will study about all other security roles and their responsibilities.
It can be a manager and he is the person responsible for some specific data, information, or asset. He is the one who will define the access levels to the information, proper clearance required to access that, the procedures and guidelines for that specific things, like when to take backup, how to take backup, how to restore it, etc.
He is the one who actually performs the function determined by the owner. He is a delegate of the data owner. For example: if there is backup scheduled by the owner, the custodian is the person who will actually perform the backup. So this is the main person who is going to do all the work.
Information Security Auditor
He is the person who determine whether all the other people like the custodian, the owners or other users, even our systems and assets, etc. are in compliance with our policies, procedures, laws, standards, etc. They generally examine System, People, Processes, etc. and make the report so that we can work on them. You should note that an Auditor can be an Independent Auditor as well who may not belong to the organization in any way and is simply hired to audit things when needed.
They are generally responsible for designing the security controls in Information Systems. So we have the security controls and they are responsible for designing that into information systems.
They are responsible for drafting, implementing maintaining, managing and improving the guidelines, procedures, policies, baselines, etc.
The security administrator is the person who manages the access required by anyone, so he manages the access privileges, etc. He will grant access to people. He will revoke the access, he will transfer the access, etc.
Network / System Administrator
They are the people who will be most of the times configuring and maintaining the network and systems, making sure that they are working fine and making the security checks and also implementing the security patches, etc.
Service Desk or Help Desk Monitors
They get all the problems, questions, etc. and store that in some database or open tickets. It is an important person because whenever someone faces some problem he firstly reports it to the service desk.
Service desk may escalate the issue to the security team where the security team, may send some person from the incident response team.
Incident Response Team, when something wrong happens, the service desk gets the information and reports to incident response team. This team comes they examine what is the problem and how to fix it. If they find something wrong, then further investigation is started. The major task is to fight against incidences and help to recover ASAP.