Fandom

The IT Law Wiki

Domestic Information Systems Security Officer

32,181pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Overview Edit

U.S. Department of State Edit

A Domestic Information Systems Security Officer (DISSO)

(1) Provides desktop security support and fulfills "in-scope" information systems security officer (ISSO) as defined in 1 FAM 275.4-3;
(2) Performs in-scope ISSO roles and responsibilities for domestic consolidated bureaus which include:
(a) Establishing enterprise policy, processes and procedures in compliance with DOS desktop security guidelines;
(b) Administrating access control/user accounts to include file permissions;
(c) Performing desktop incident handling to include incident response, computer incident response team's (CIRT) litigation and remediation requests;
(d) Executing desktop security audits to include random security scans;
(e) Managing software download request authorizations;
(f) Monitoring data transfer requests to include authorizing transfers to and from CDs, DVDs and other removable media;
(g) Providing training and education to include performing security briefings as well as informing users of Department of State security best practices; and
(h) Responsibility for maintaining requirements for all desktops and providing desktop security guidance to all users within bureaus that have fully consolidated — as defined by the respective master service level agreement (SLA) for each consolidated bureau and ISSO appointment memo.
(3) Works closely with "out-of-scope" ISSOs whose roles and responsibilities include:
(a) Performing certification and accreditation requirements;
(b) Managing "out-of-scope" applications and servers;
(c) Performing routine security audits for out-of-scope server functions; and
(d) Regulating physical security.

Also on Fandom

Random Wiki