Chief Information Security Officer
Website links: http://www.chiefinformationsecurityofficer.com, http://cisohandbook.com

A chief information security officer (CISO) is a job that focuses on information security within an organization. The job's responsibilities vary depending on the needs of the enterprise but often include responsibility for:

  • security office mission and mandate development

  • security office governance

  • security policy development and management

  • security training and awareness development

  • security project portfolio development

  • supervision or management of ethical hackers


The chief information security officer often reports to the Chief Information Officer or even directly to the Chief Executive Officer.

The roles and responsibilities of the CISO are yet to crystallize. Generally, the CISO of the organization is the policy maker, with security operations as the implementer and IT audit as the party that verifies compliance.

The CISO is mandated to continuously question the existing standards in light of changes in the environment and to make suitable changes to the organization's policies.

A leading institution has classified the role of the CISO as follows:

  • Communications & Relationship Management

  • Risk & Control Assessment

  • Threat & Vulnerability Management

  • Identity & Access Management


  • Communications & Relationship Management


The CISO is expected to communicate with all stakeholders. Further, he has the responsibility of creating security awareness among the organization's staff and stakeholders.

  • Risk & Control Assessment


The CISO is required to perform the risk assessment of the organization's information assets. He is expected to recommend controls in light of value vs. threat vs. vulnerability vs. cost.

  • Threat & Vulnerability Management


The security officer is required to conduct periodic vulnerability assessments of the company's assets. Further, he is expected to analyze the logs of the various systems in order to initiate preventive measures.

  • Identity & Access Management


Ensure that processes exist in the organization for the creation, modification, access privileges and deletion of user IDs. Conduct reviews to assess that access privileges are granted on a need-to-know basis.

