What is a Function?
A function is a collection of activities or procedures arranged in a logical way that accepts input and produces output.
An organizational unit or department performs one or more functions to create and deliver values. For example, the functions performed by HR include staffing, development, compensation, safety and health, employee and labor relations, and so forth.
However, a function may or may not be performed by a department that appears in the organizational structure diagram officially. So does the security function.
A security function is a function that ensures security by applying safeguards to protect assets from threats to achieve confidentiality, integrity, and availability.
For simplicity, a security function can be viewed as an unofficial or virtual security department. A security department performs security functions, but security functions can be performed by any department officially or unofficially.
Large organizations typically institute a dedicated organizational unit or department to perform security functions, while some organizations just decide to perform security functions without a formal department. For instance, it’s common for organizations to delegate IT department to take care of security instead of the information security department.