The protection of your company’s infrastructure could be improved by creating a separate department with sole responsibility for all aspects of IT security. The IT department faces an enormous range of management issues, of which IT security is one significant aspect. The fact is that if all IT security aspects are being handled adequately and sufficiently in advance, without any breaches, it is unlikely to be necessary to create a separate department. In order to determine if separation of IT security from the IT department is appropriate, it is first important to be aware of the IT and business drivers that influence security.