Role of Information Security Administrator:
i) A security administrator attempts to ensure that the facilities in which systems are developed, implemented, maintained and operated are safe from threats that affect the continuity of installation and/or result in loss of security.
ii) The security administrator sets policy, subject to board approval.
iii) He also investigates, monitors, advises employee, and counsels management on matters pertaining to security.
iv) The security administrator is responsible for establishing the minimal fixed requirements for classification of information based on the physical, procedural and logical security elements. The needs to protect these securities are also stressed. He assigns responsibilities to job classification and formulates what to be done in case of exceptions.
v) The security administrator guides other information security administrators and users on the selection and application of security measures. He trains them on how to mark and handle processes, train security coordinators, select software security packages and solve problems.
vi) He investigates all security violations.
vii) He advises senior management on matter of information resource control.
viii) He consults on matters of information security.
ix) A security administrator also has the responsibility of conducting a security program, which is a series of ongoing, regular, periodic evaluations of the facilities available.
x) A security administrator has to consider an extensive list of possible threats to the organization, prepare an inventory of assets, evaluate the existing controls, implement new controls, etc.