Final answer:
A feasibility study for determining the optimal number of personnel required for the information security department.
Step-by-step explanation:
Information security functions requiring personnel: Identify the specific functions that need to be performed, such as risk assessment, incident response, vulnerability assessment, and security policy development.
Number of information security personnel required: Consider the workload and complexity of the organization's information security needs. For example, if the workload is high and the organization has a large number of systems, more personnel may be needed.
Skill levels for each position: Determine the required skill levels for each position based on the complexity of the tasks and the organization's security goals. This can include positions at junior, mid-level, and senior levels.
Estimated salary requirements: Research industry standards and market rates to estimate the salary requirements for each position. Consider factors such as years of experience, certifications, and the cost of living in the organization's location.
Percent increase of the overall BCC IT/security labor budget: Calculate the percentage increase required to accommodate the additional personnel and their salaries.
Summary and Recommendation:
Based on the specific functions, workload, skill requirements, and salary estimates, I recommend hiring X number of information security personnel. This will ensure that the information security department is adequately staffed to meet the organization's security needs.