In this chapter we will discuss the issue of managing security processing in business organization with special emphasis on computer systems. Our intention is not to prove that managing information security resources is the most important issue within the information security domain but that it must deal first in a chain of activities leading to building and operating information systems in a secure way. Before starting the discussion it is necessary to look at the historical developments leading to this issue. Most people are aware of the dramatic rate of development of information technology. However, few could attach quantitative values measuring this growth apart from a known statement that “If the auto industry had done what the computer industry has done in the last 30 years, a Rolls-Royce would cost $2.50 and get 2,000,000 miles per gallon.” This is true, but a more precise measure must be introduced.