11 May The field log provides a concrete means for the student to: Account for professional activity in the field placement Demonstrate professional
The field log provides a concrete means for the student to:
- Account for professional activity in the field placement
- Demonstrate professional development related to contracted learning experiences and the traditional-year competencies
- Reflect on professional growth and development
- Provide information that facilitates dialogue between the student and Field Supervisor
- Document for the Field Supervisor, concerns, dilemmas and issues as they arise in the agency setting.
Students will complete logs using the attached template. In your log, follow these guidelines:
- Every log submitted by the student should reflect a unique experience with the client system context and provide an example of professional development.
- Students are responsible to protect client confidentiality and only use the client’s first name.
The Field Logs should be no more than 3 pages in length (double-spaced). Please adhere to the writing assignment policy in the Syllabus.
Saint Mary’s University
Clinical Field and Seminar Log of Professional Experiences in the Field
The field log provides a concrete means for the student to:
· Account for professional activity in the field placement;
· Demonstrate professional development related to contracted learning experiences and the clinical-year competencies;
· Reflect on professional growth and development;
· Provide information that facilitates dialogue between the student and Field Supervisor;
· Document for the Field Supervisor, concerns, dilemmas and issues as they arise in the agency setting.
Students will complete bi-weekly logs using the format provided below. Logs are expected to be no more than 3 pages in length (double-spaced). Due dates are noted in the syllabus and on Engage. Every log submitted by the student should reflect a unique experience with the client system context and provide an example of professional development.
The reported activities account for cumulative total 300+ hours per semester.
Describe one intrapersonal/interpersonal strength or challenge that you experienced this week at the Field agency (150-300 words—please be very specific in your description/reflection). Respond to the following prompts:
1. In what way was the experience a strength/challenge for you?
2. In your assessment how was this experience a strength/challenge/learning experience for others (e.g., client, co-worker)?
3. Describe the social context of the experience.
4. Cite the practice framework (e.g., theory, model, etc.) that best facilitates resolution of the practice challenge or that supports the strength(s) you experienced. Relate this practice framework to your overall practice this week and explain how it is relevant to the practice context.
5. Identify at least one other practice framework that might also be relevant in this week’s practice context. Justify your choice.
6. Identify at least two strengths of your client system that you observed this week.
7. Identify at least two practice behaviors that relate to the experience and that you enhanced as a result of this week’s experiences.
(Include narrative here)
Activity and Related Competency-Clinical Practice Level
Briefly list additional activities completed this week and indicate their relationship to the SLC and Foundation-Practice-behaviors:
Learning Contract Tasks/Related Outcomes
Specific Activity/task during this log period
(Expand this chart as needed)
Security department sizes and composition are impacted by several factors. These factors are number of data centers and Points of Presence (POPs), the industry, the company culture, whether the company is international and number of employees.
The first is the number data centers and points of presence. The cost of the security stack increases for each Point of Presence, but the number of data centers also speaks the complexity of the network. Of course, the more POPs, the more budget to pay and maintain the hardware and the more people will be needed to run everything.
The next factor is the industry. The type of industry will directly impact the composition and size of the department. A Defense sector company for instance would very likely have a larger Security Operations Center and Security Incident Response Team than say a college of similar size. The Defense sector simply has a greater threat and more regulations.
Company culture usual has an impact on what type of work is done within IT and what is done within the IT Security group. There really is no rule as to where everything should be located, so it’s usually a result of decisions made years before and no one coming up with a compelling enough reason to change it. Almost all IT Security departments have responsibility for Policy, Security Awareness, Risk Management and Incident Response. Most IT groups have responsibility over managing firewalls, even though the security department usually comes up with the standards. Most companies also have Identity and Access Control reporting somewhere in IT, although that trend is changing. I will list other common groups that could report in either or maybe even under someone else like a Chief Risk Officer. Vulnerability Management, Vendor Risk Management, Customer Assurance, Could Security, Security Architecture, Mergers and Acquisitions, Regulatory Compliance, Privacy & Physical Security.
And this isn’t and exhaustive list. There are many ways to form a department to accomplish all the work required. Some industries will even have product specific security teams that report within a business unit and not to the corporate IT or IT Security team. There are pros and cons to every department configuration, but the goal should be to make sure that all the security needs are being met in a proactive and mature (not ad hoc) fashion and that no team is responsible for something another team has authority over and that all teams with any security responsibility are communicating effectively with the others. Regardless of company or department composition, a Security Council is recommended.
When it comes to the guidance for how large a department should be and how much budget they should manage, there is some industry guidance.
For our purposes, we will use an average Fortune 500 company and we will round down to keep the math simple. IT spend will be 3% of Revenue. Revenue for our company will be $10 Billion dollars.
There is a lot of information out there about how much IT Security spend should be as a percentage of the IT budget. I found articles claiming that the average was as high as 10%. From personal experience, only financial institutions spend as much as 10% and most Fortune 500 companies are a lot closer to 3- 5%. For our purposes because I want to make it realistic, we will use 5% of IT spend. The last piece of the puzzle is that most IT Security departments spend 70% of their budget on labor.
Average salary for an individual contributor in IT Security is $80,000, realizing you will have some junior folks making less and one or two senior folks making more. An average manager will make $120,000 and the CISO will likely be a director or low paid VP, averaging around $200,000.
An average ratio of individual contributor to manager is 5-7 people. The CISO will have as many direct reports as necessary but it of the company requires a lot of teams, you may even see one or two senior managers or possibly even a director over 2-3 managers.
The other factors to consider for our mythical company will be that there are 12,000 employees, two data centers and two POPs. It is also publicly traded and only domestic, spread across a dozen states, one of which is California.
The last descriptive piece is that this is a manufacturing company that makes widgets but does not handle direct sales. They do have very cool widgets and spend a lot of money on R&D to make sure they have the coolest widgets on the market.
The important thing to remember is that there is no wrong answer, but you will need to make a best guess for department composition and staffing levels.