Dated: 02-11-2024
Ch01. What is the Role of an Information Security Manager
Information Security Manager
- The Information Security Manager (Head of Information Security or CISO) is delegated and authorized by senior management to run the Information Security program and meet its objectives
- The Information Security Manager develops a policy to regulate the Information Security program which is signed off by senior management
- The Information Security Manager is assigned resources and authority to plan, assess, implement, monitor, test, and accredit the Information Security activities
Roles
Tasks
- Develop policy
- Training & awareness
- Design security architecture
- Design security controls
- Ensure controls are implemented
- Conduct risk assessment
- Conduct security testing
- Monitor vulnerability management program
- Facilitate incident management process
- Sign off on critical change management activities