Best Practices Report - CISO Reporting Structure Within the Organization
2 March, 2010
The IT Policy Compliance Group has issued a new report showing how some organizational structures and strategies yield better results for Information Security.
This latest IT PCG report shows that organizations with a chief information security officer (CISO) or a senior manager of IT assurance in charge of information security who reports to either a chief risk officer (CRO) or a chief compliance officer (CCO) share the best outcomes, including:
- The highest rates of customer retention, revenue and profit
- The least data loss or theft and the lowest financial exposure from data loss
- The fewest hours of business downtime from IT failures or disruptions
- Spending 50 percent less on audit each year
In contrast, other organizations that have far different approaches for managing the information security function do not get the same positive results.
To read the full findings of this report, please click: http://www.itpolicycompliance.com/research_reports/