Role and Responsibilities of an Information Security Officer (ISO)

October 17, 2007. State Information Security Office. Guide for Role and Responsibilities. The Guide includes: References policy requiring an ISO; Describes skills and abilities; Recommends training and certification; Identifies the Role and Responsibilities covering the 12 Components of an Effective

Presentation Transcript


    1. Role and Responsibilities of an Information Security Officer (ISO) Presented by Rosa Umbach

    2. October 17, 2007, State Information Security Office
       Guide for Role and Responsibilities
       The Guide includes:
       - References policy requiring an ISO
       - Describes skills and abilities
       - Recommends training and certification
       - Identifies the Role and Responsibilities covering the 12 Components of an Effective Information Security Program

    3. The ISO in State Government
       All state agencies must designate an ISO to oversee the agency's compliance with information security requirements.
       - SAM Section 4841.1
       - SAM Section 4841.2
       - SAM Section 4845

    4. Successful ISOs – Necessary Skills and Abilities
       Strategic
       - Agency's program areas and business needs
       - Keeping abreast of evolving technologies
       Management and communication skills
       - Effective communication, verbal and written
       - Interact with critical staff
       Technical Competence
       - Knowledge and skills
       - Understand how technical issues affect the business of the agency

    5. Training and Certification
       Training Suggestions
       - Basic information security training
       - Management and leadership
       - Legal courses in security
       - Technical security
       - Audit
       Certification

    6. 12 Components of an Effective Information Security Program
       - Risk Management
       - Policy Management
       - Organizing Information Security
       - Asset Protection
       - Human Resource Security
       - Physical and Environmental Security
       - Communication and Operations Management
       - Access Control
       - Information Systems Acquisition, Development and Maintenance
       - Incident Management
       - Disaster Recovery Management
       - Compliance

    7. Security Program Guide
       The twelve key components identified in the Information Security Program Guide for State Agencies were used in this Guide to support ISOs with their role of proper planning, development, management and oversight of an information security program.

    8. Contacts
       - Rosa Umbach (916) 445-1777 ext. 3242
       - Colleen Pedroza (916) 445-1777 ext. 3224
       - Michele Robinson (916) 445-1777 ext. 3263
       - SISO shared telephone (916) 445-5239
       - www.infosecurity.ca.gov
