What are the costs of an ISMS?

Hello List,

I do have a broad and a rather non-technical question: What are the costs of implementing and operating an Information Security Management System in medium- and large-sized enterprises?

More specifically:
- How many FTEs should be assigned to the CISO/Information Security Department (per number of employees/IT-employees)?
- How many FTEs should be working on operating the ISMS?

I know this depends also on a number of other factors like the
current IT security maturity level and nature of the business.

It would be really helpful you can comment on these questions.

I'm looking forward to having a constructive discussion.

Thank you,

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.


Relevant Pages

  • Re: Security and the User experience
    ... publishers, including Microsoft with it's operating systems, should make ... Software Installation. ... security warning message means. ... then communications will be ...
  • Re: Paranoia or something more sinister?
    ... > I believe I may have a few internet security issues that I'd like to run ... > reinstalls, upgraded Norton Security to 05, I'm operating Service Pack 2 ... > you suspect otherwise and what you would recommend? ...
  • Re: SUS/WSUS & Software Restriction Policies
    ... I know that no organization would impose so much security as to make the ... filesystem that are designed by the operating system to be used /by/ the ... As for what the DoD may or may not do... ...
  • Re: Paranoia or something more sinister?
    ... Use lusrmgr.msc to check what users are in the local users on your computer ... explained in the link below by reviewing the security log via Event Viewer. ... > reinstalls, upgraded Norton Security to 05, I'm operating Service Pack 2 ... Search & Destroy and a Windows Firewall. ...
  • Re: The straight Dubai story (not the liberal bullshit version)
    ... "It is an issue of operating some terminals within U.S. ports." ... UAE better have some security tied to the port deal or their ... Not our problems Americans! ... Terrorism can never be erased with force...With force you create more ...