Roles and Tasks Involved in Information Security, Research Paper Example

In order to form an organizational information security system it requires multiple layers of security to create a redundant and secure system.  Each layer provides its own unique strengths and weaknesses and each layer would complement the other layers weaknesses with their own strengths and vice versa.  This in essence would create a nearly impervious security system which would negate risks to the network, information and other information technology systems.  This umbrella of cohesive and conjunctive security layers will provide the confidentiality of information, the integrity of the data and the ability for the users to access the system as needed in a secure environment.

Many tasks are required to provide a secure environment for information.  The many tasks are required due to the fact that there are numerous risks or threats to IT systems that there must be a risk mitigation plan and action for each threat.  While some threats do not necessarily pose a clear an immediate danger there are threats that are present at every moment.  The goal is to limit the amount of actions necessary while also eliminating the risks to the IT systems and services.  Some examples of tasks that are necessary include data classification, firewall maintenance, record maintenance and virus protection.  While these are only a few of the tasks that involve security of IT resources they show a small snapshot of what is necessary to keep the IT resources secure.

In order to accomplish certain security tasks there must be responsible individuals assigned.  A couple examples include Information Security Architect and Ethical Hackers.  The role of the IS Architect is to design a secure and redundant system to thwart risks and provide a safe and secure IT environment.  The next is the ethical hacker.  Their task is to try to break into their own system using the same measures and countermeasures a threat from outside would utilize.  These roles provide key aspects for providing a security IT environment.


Stamp, M., (2011). Information security: principles and practice. Hoboken, NJ: Wiley