M.3) Split corporate from product security tasks

A general description on the terms can be found in this blog post.

Category:        Organizational

Responsible:   CSR, PSR

Effort:              15 minutes per week for synchronization of CSR and PSR

Based on:       [1]

The different security tasks are classified either as product security or corporate security tasks. This ensures clear responsibilities. Nevertheless it is important that CSR and PSR talk to each other and synchronize their operation. Some tasks also need to be handled by both.


[1] P. Watson, “Corporate vs. Product Security,” May 2013. [Online]. Available: https://www.sans.org/reading-room/whitepapers/bestprac/corporate-vs-product-security-34237. [Accessed 19 06 2016].



The information contained in this website is for general information purposes only. You can find more information about the accuracy of the information on the disclaimer and terms and conditions pages.