A 'chief information security officer (CISO)' is the senior executive responsible for information security within an organization. The job's responsibilities vary with the needs of the enterprise but often include responsibility for:[1][2]
★ security office mission and mandate development
★ security office governance
★ security policy development and management
★ security training and awareness development
★ security project portfolio development
★ supervision or management of ethical hackers
The chief information security officer often reports to the chief information officer or even directly to the chief executive officer.
The roles and responsibilities of the CISO have yet to fully crystallize. Generally the CISO is the organization's security policy maker, security operations is the implementer, and IT audit is the function that verifies compliance.
The CISO is expected to continuously question the existing standards in light of changes in the environment and to make suitable changes to the organization's policies.
Leading institutions have classified the role of the CISO under the following headings:
★ Communications and relationship management
★ Risk and control assessment
★ Threat and vulnerability management
★ Identity and access management
★ Communications and relationship management
The CISO is expected to communicate with all stakeholders. The CISO is further responsible for creating security awareness among the organization's staff and stakeholders.
★ Risk and control assessment
The CISO is required to perform risk assessments of the organization's information assets and to recommend controls that weigh the value of the asset against the threat, the vulnerability and the cost of the control.
★ Threat and vulnerability management
The security officer is required to conduct periodic vulnerability assessments of the company's assets and to analyse the logs of the various systems so that preventive measures can be initiated.
★ Identity and access management
Ensure that processes exist in the organization for the creation, modification, privilege assignment and deletion of user IDs, and conduct reviews to assess that access privileges are granted on a need-to-know basis.
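The access review described above can be made concrete as a script that compares each account's actual privileges against the privileges its role is approved to hold, and that flags accounts which should have been deleted when the person left. The following is an added example written for this article, not code from any of the cited sources; the role names, privilege names, account records and the HR "employed" flag are constructed assumptions for illustration.

```python
"""Need-to-know access review (illustrative example added to this article).

Compares each account against a constructed role baseline and reports:
  - excess-privilege: privileges the account holds beyond its role's baseline
  - orphaned:         the person has left (per HR) but the account is still active
  - unknown-role:     the account's role has no approved baseline at all
All data below is constructed for the example.
"""
from dataclasses import dataclass
from collections import Counter

# Constructed need-to-know baseline: the privileges each role is approved to hold.
ROLE_BASELINE = {
    "accounts-payable": {"erp.invoice.read", "erp.invoice.create"},
    "helpdesk": {"ad.password.reset", "ticketing.read"},
    "dba": {"db.prod.admin", "db.backup.restore"},
}


@dataclass(frozen=True)
class Account:
    user_id: str
    role: str
    privileges: frozenset   # privileges actually held in the directory / application
    active: bool            # directory enablement flag
    employed: bool          # HR system says the person is still employed (assumed feed)


@dataclass(frozen=True)
class Finding:
    user_id: str
    issue: str
    detail: str


def review_account(account, baseline=ROLE_BASELINE):
    """Return the list of findings for one account (empty list means compliant)."""
    findings = []
    # Joiner/mover/leaver check: a leaver must not keep an enabled account.
    if not account.employed and account.active:
        findings.append(Finding(account.user_id, "orphaned",
                                "person has left but the account is still active"))
    approved = baseline.get(account.role)
    if approved is None:
        # Nothing to compare against: the role itself needs an owner and a baseline.
        findings.append(Finding(account.user_id, "unknown-role",
                                f"no approved baseline for role {account.role!r}"))
        return findings
    # Need-to-know check: anything held beyond the role baseline is excess.
    excess = sorted(account.privileges - approved)
    if excess:
        findings.append(Finding(account.user_id, "excess-privilege", ", ".join(excess)))
    return findings


def review(accounts, baseline=ROLE_BASELINE):
    """Run the review over every account and return all findings."""
    findings = []
    for account in accounts:
        findings.extend(review_account(account, baseline))
    return findings


def summarize(findings):
    """Count findings per issue type, e.g. for a management report."""
    return dict(Counter(f.issue for f in findings))


# Constructed sample accounts for the example.
SAMPLE_ACCOUNTS = [
    Account("alice", "accounts-payable",
            frozenset({"erp.invoice.read", "erp.invoice.create"}), True, True),
    # helpdesk user who has accumulated a production DBA right
    Account("bob", "helpdesk",
            frozenset({"ad.password.reset", "ticketing.read", "db.prod.admin"}), True, True),
    # DBA who left the company but whose account was never disabled
    Account("carol", "dba", frozenset({"db.prod.admin"}), True, False),
    # role that nobody has defined a baseline for
    Account("dave", "contractor", frozenset({"ticketing.read"}), True, True),
]

if __name__ == "__main__":
    for f in review(SAMPLE_ACCOUNTS):
        print(f"{f.user_id:8} {f.issue:17} {f.detail}")
    print(summarize(review(SAMPLE_ACCOUNTS)))
```

Running the script lists one excess privilege for bob, an orphaned account for carol and an undefined role for dave; alice produces no finding. In practice the account records would come from an export of the directory and the application's entitlement tables, and the employed flag from the HR system, so that the review is driven by authoritative data rather than self-attestation.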
Notes and references
1. http://www.chiefinformationsecurityofficer.com
2. http://cisohandbook.com