Role: Security Manager
The Security Manager is primarily responsible for the overall quality of the Security Management process. He/she is the main coordinator within this process and is the focal point regarding changes for both the customer and the IT organization. Therefore, all managers in the IT organization must support him in his/her role.
Extends: Process Manager
Role Sets: Security Management Roles
Relationships

Assemble and Communicate Security PolicyAssess Process ExecutionAssess Process FrameworkAssign Process Responsibilities to OrganizationsAudit ProcessCollect FeedbackCommunicate and Deploy FrameworkCommunicate Security DirectivesCommunicate to StakeholdersComplete EvaluationComplete Security PlanCreate Asset Security Classification SchemeCreate project proposalsDefine Measurements And ControlsDefine Overall Security ObjectivesDetermine Process Data RequirementsDetermine process proceduresDetermine process relationships to other processesIdentify Process Roles and ResponsibilitiesIdentify Security Policy Requirements on Asset SecurityProduce Process MeasurementsRecommend InitiativesResearch Trends and Best PracticesReview Details of Plan with StakeholdersReview Existing DocumentationSecurity Management EvaluationSecurity_Manager
Additionally Performs
Modifies
Main Description

Responsibilities

  • Ensures the confidentiality, integrity, and availability of IT infrastructure resources meets service level targets
  • Ensures that IT services conform to adopted IT security standards and practices 
  • Produces and maintains the Security Policy
  • Ensures adherence to the Security Policy, including suppliers
  • Produces and maintains the Security Plan
  • Ensures that all security controls and procedures are regularly reviewed and audited
  • Ensures rapid response to IT security violations
  • Participates in post-mortem review of security breaches
  • Assesses the security impact of new change requests
  • Participates on the Change Advisory Board (CAB) as needed
  • Carries out the Process Manager responsibilities for the Security Management process
Key Considerations
See the Process Administrator and Process Owner roles.

©Copyright IBM Corp. 2005, 2008. All Rights Reserved.