The IT Law Wiki

Information Security Officer

Definitions

An Information Security Officer is

[the o]fficial responsible for carrying out the Chief Information Officer responsibilities under FISMA and serving as the Chief Information Officer's primary liaison to the agency's authorizing officials, information system owners, and information system security officers.[1]
[t]ypically a member of an organization who has the responsibility to establish and maintain information security policy, assesses threats and vulnerabilities, performs risk and control assessments, oversees the governance of security operations, and establishes information security training and awareness programs. The ISO also usually interfaces with security operations to manage implementation details and with auditors to verify compliance to established policies.[2]

References

  1. 44 U.S.C. §3544.
  2. Criminal Justice Information Services Security Policy, Glossary, at A-6.
