
Information Security Management ResourceKit

A Public Service of SecureTheVillage


Information Security Manager

The Information Security Manager (ISM) is the organization’s most senior person with management and leadership responsibility for information security. The ISM may also be called the Chief Information Security Officer (CISO).

In mid-size and smaller organizations, Information Security Management is often not a full-time position. The ISM will therefore have other responsibilities, such as CFO, Chief Operations Officer, Managing Partner, Chief Legal Officer, Chief Risk Officer, or another role.

The Information Security Manager:

  • Is appointed by the organization’s Chief Executive with the responsibility, accountability and authority for information security management and the leadership responsibility for evolving a cyber-adaptive culture.
  • Leads the Information Security Management & Leadership Team to manage the organization’s information risk.
  • Works with the organization’s attorneys and others to manage the organization’s operational compliance with applicable information security laws, regulations and contractual requirements.
  • Works with IT to ensure security of the IT infrastructure is managed in accordance with documented security standards, such as SecureTheVillage’s Code of Basic IT Security Management Practices.
  • Works with HR and other managers to SecureTheHuman.

Contributed by Citadel Information Group
© Copyright 2017. Citadel Information Group. All Rights Reserved.

Filed Under: Senior Leadership, Information Security Management & Governance
