The Rookie Chief Information Security Officer Essay

Words: 4750
Pages: 19

WEEK 10 TERM PAPER
“The Rookie Chief Information Security Officer”
Terri Cooks
Professor Parker
SEC 402 June 15, 2014

Part 1: Organization Chart
When looking at the many different roles within the management of any organization’s security program, some titles stand out. One is the CISO. The CISO is the executive whose responsibility is to maintain the entire security backbone, both physical and digital. In an article written for the SANS Institute by Matthew Cho, “CISO Roles and Responsibilities”: According to the latest information, almost sixty percent of the organizations in the United States acknowledge the existence of a CISO dedicated entirely to security (Ware). Responsibilities for these individuals

Overall, the main task of a CIO is to create an engineering environment that is secure and to ensure that engineering procedures are followed correctly; the CIO also works closely with the organization’s CISO. The ISO is considered the highest-level position within an organization whose main priority is overseeing the work of other information security professionals within the organization. The ISO’s duties include the 10 duties previously stated for a CIO, but the ISO has one more duty: managing and designing digital forensics. The IT Security Compliance Officer (SCO) is generally responsible for the comprehensive security program, which includes information security policies, compliance, and management. The SCO’s duties include developing long-term security strategies and ensuring that the company meets all of the mandated security standards and its clients’ needs across the board. The SCO then provides the leadership and any security-related vision and strategies that are required for the company’s continued marketplace success and presence. An SCO is responsible for developing and implementing a corporate culture of information security. By maintaining and reinforcing the culture throughout the organization through employee training and any motivation and/or encouragement that is needed for any business