I work for a major Global manufacturing and distribution company. Currently within the IT function we do not have a specific Security group. Security is devolved amongst the various IT technical groups ………
My question is what is the best scenario with large companies. Devolved security functions within the technical groups or a centralised security group at least governing the IS security within the company ????
