The Information Security Manager (ISM) is the organization’s most senior person with management and leadership responsibility for information security. The ISM may also be called the Chief Information Security Officer (CISO).
In mid-size and smaller organizations, the Information Security Manager role is often not a full-time position. The ISM will therefore also hold other responsibilities, such as CFO, Chief Operations Officer, Managing Partner, Chief Legal Officer, Chief Risk Officer, or another role.
The Information Security Manager:
- Is appointed by the organization’s Chief Executive with the responsibility, accountability and authority for information security management and the leadership responsibility for evolving a cyber-adaptive culture.
- Leads the Information Security Management & Leadership Team to manage the organization’s information risk.
- Works with the organization’s attorneys and others to manage the organization’s operational compliance with applicable information security laws, regulations and contractual requirements.
- Works with IT to ensure security of the IT infrastructure is managed in accordance with documented security standards, such as SecureTheVillage’s Code of Basic IT Security Management Practices.
- Works with HR and other managers to SecureTheHuman.
Contributed by Citadel Information Group
© Copyright 2017. Citadel Information Group. All Rights Reserved.