Information security architect

Definitions[]

An information security architect

“

[e]nsures that the information security requirements necessary to protect the organization’s core missions and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting information systems supporting those missions and business processes.^[1]

”

“

is an individual, group, or organization responsible for ensuring that the information security requirements necessary to protect the organizational missions/business functions are adequately addressed in all aspects of enterprise architecture, including reference models, segment and solution architectures, and the resulting information systems supporting those missions and business processes. The information security architect serves as the liaison between the enterprise architect and the information system security engineer. In addition, information security architects advise the chief information officer, the chief information security officer, and risk executive on a range of security-related issues, including, for example, assessing the severity of weaknesses and deficiencies in the information system, risk mitigation approaches, security alerts, and potential adverse effects of vulnerabilities.^[2]

”

References[]

↑ Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at 40.
↑ Electricity Subsector Cybersecurity Risk Management Process, App. F, at 74.

[1] Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at 40.

[2] Electricity Subsector Cybersecurity Risk Management Process, App. F, at 74.

[1]

[2]