A security administrator is a person who is solely responsible for controlling and coordination the activities pertaining to all security aspects of the organization.
A security administrator attempts to ensure that the facilities in which systems are developed, implemented, maintained and operated are safe from threats that affect the continuity of installation and/or result in loss of security.
The security administrator sets policy, subject to board approval.
He also investigates, monitors, advise employees, counsels management on matters pertaining to security.
The security administrator is responsible for establishing the minimal fixed requirements for classification of information based on the physical, procedural, and logical security elements. The needs to protect these securities are also stressed. He assigns responsibilities to job classifications and formulates what to be done in case of exceptions.
The security administrator guides other information security administrators and users on the selection and application of security measures, he trains them of how mark and handle processes, train security coordinators, select software security packages and solve problems.
The security administrator also does the following:
Investigates all security violations.
Advises senior management on matters of information resource control.
Consults on matters of information security.
A security administrator also has the responsibility of conducting a security program, which is a series of ongoing, regular, periodic evaluations of the facilities available.
A security administrator has to consider an extensive list of possible threats to the organization, prepare an inventory of assets, evaluate the existing controls, implement new controls etc.
The security administrator requires the assistance of many individuals because of their expertise in that particular field. The auditor should see to that these steps are performed on a regular basis, the results of the reviews are analyzed and documented, and advises the management on appropriate action in light of the results.