The IT Law Wiki

This wiki's URL has been migrated to the primary fandom.com domain.Read more here

READ MORE

The IT Law Wiki
Advertisement

Definitions[]

An Information Security Officer is

[the o]fficial responsible for carrying out the Chief Information Officer responsibilities under FISMA and serving as the Chief Information Officer's primary liaison to the agency's authorizing officials, information system owners, and information system security officers.[1]
[t]ypically a member of an organization who has the responsibility to establish and maintain information security policy, assesses threats and vulnerabilities, performs risk and control assessments, oversees the governance of security operations, and establishes information security training and awareness programs. The ISO also usually interfaces with [[[security]] operations to manage implementation details and with auditors to verify compliance to established policies.[2]

References[]

  1. 44 U.S.C. §3544.
  2. Criminal Justice Information Services Security Policy, Glossary, at A-6.
Advertisement