Under our functional classification, security would go under two possible
functions: corporate-wide, policy level documents go under 'govern [the
organisation] - policy frameworks - security' (or similar third level
subject terms depending on how you manage IT access, infrastructure
resilience or whatever different aspects of security are called today). Day
to day operational documents, not policy-related, go under 'Provide support
services' followed by a suitable activity descriptor.
So we tell the users 'if it's policy and corporate wide, use governance, if
it's operational or process-specific, use support services'. Seems to be
easy to understand. It's certainly not a top level function, unless your
core business is security, and even then . . .
0407 187 333
These views are mine alone. They may or may not be those of any
previous or present employers or clients. I don't know. If I'd asked and
they'd agreed, I would have signed it "Harry Peck and Co and Glenn".
Or whatever. But I haven't, so I didn't.
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]