Building Your Own Security Architecture Chapter 03: Know your organization

Functional department

Product department (Design), technical department (including R & D, operation and maintenance, operation, security, risk control, etc.), legal department, financial department, marketing department, public relations department, administrative department etc.

Cooperation mode

From the functional level, the common way is top-down, that is, from a committee to a specific committee to a specific working group; For example: 1. Enterprise Data Committee → 2. Enterprise data management committee → 3. Working group on enterprise data management;

Responsible for:

1. Define principles, strategic policies, and make decisions and provide conflict resolution;
2. Supervise the data management working group, solve upgrade problems, report key results, etc;
3. Define data, manage hierarchical life cycle, implement changes, evaluate quality, etc;

Security team

When resources are sufficient, the security team itself has architects, engineers, product managers, project managers, etc. In a group enterprise, different security lines will be set up for operation and management, internal control and internal audit. Different departments restrict each other and jointly build a security system. For example, the internal audit team can promote the team to optimize policy and SOP through regular audit. It is worth noting that due to different concerns in different industries, the composition of the security team is also different.

Corporate culture

The broad correct statement is that everyone should always keep healthy, be friendly to customers, be tolerant to colleagues and use innovative technology. Stay away from 996 , benign competition and avoid useless consumption.

ALL CHAPTERS:

1. Building Your Own Security Architecture Chapter 01: Basic Viewpoint
2. Building Your Own Security Architecture Chapter 02: Know your business
3. Building Your Own Security Architecture Chapter 03: Know your organization
4. Building Your Own Security Architecture Chapter 04: Yin and Yang
5. Building Your Own Security Architecture Chapter 05: Know Your Architecture
6. Building Your Own Security Architecture Chapter 06: Enterprise Security Architecture Basics
7. Building Your Own Security Architecture Chapter 07: Security Architecture Basics
8. Building Your Own Security Architecture Chapter 08: Security Solutions
9. Building Your Own Security Architecture Chapter 09: Continuous Delivery
10. Building Your Own Security Architecture Chapter 10: Become A Security Architect

This translation was based on 《安全架构要参：构建企业适用的安全架构》，and if you can read Chinese, please visit https://securityarchitecture.pro/