Which one of the following is a disadvantage of placing secu

Which one of the following is a disadvantage of placing security within IT? The CIO would have IT implement security and is likely to back the security department in its effort to create a strong and safe information system for the organization The centralizing of security and IT under the CIO It is attractive because security and IT possess many of the same qualities and technological skills Security has no independence from IT and it is hard to blow the whistle on security issues occurring within

Solution

The disadvantage of placing security within IT is that the security has no independence from IT and it is very hard to blow the whistle on security issues occurring within the IT department or by the CIO. As the security locate within the
IT department which creates a situation at that point no one is watching the watchers (that can be the implementers).