Information security management involves ensuring and sustaining integrity and accessibility of organizational information and knowledge. This covers digital data, records and knowledge management. This process involves systems that are put in place to ensure that an organization’s sensitive information is managed in a systematic and secure manner. This process encompasses people, IT systems and processes. In other words, this field focuses on implementation of security policies, information security strategies and establishing information security processes and also developing information security measures. Information security management professionals need to have deep knowledge on data protection, records management and information security. They need also to have gone through information security training courses (John 2009).
Information security engineering entails developing comprehensive engineering plans and designs for controls and systems and security elements that are meant to ensure that security of sensitive information in an organization is not breached. This field requires one to have gone through training and acquired insight knowledge on aspects of information security infrastructure design and implementation, computer forensics and risk assessment and also the impact of security requirements on business operations (Debra 2008). for instance a Bachelor of Science degree in information assurance and security engineering (University of Houston, 2010). Professionals in this field should have enough experience on how to implement and manage various security infrastructure components.
Information security administration involves planning, organizing and monitoring various security procedures, strategies and programs. This ensures good information security governance and in putting up efficient information strategies and policies. The information security administrator ensures that appropriate information strategies are adequately addressed in an organization’s short term and long term plans. The information security administrator should have appropriate education and experience in security and risk management; information security administration (John 2009).For instance a graduate certificate in information security and related support services is indispensable in this field (Nova Southern University 2010). This field also requires one to have experience in harmonizing various security operations in an organization (John 2009).