developing the security

Topics: Security, Risk, Forensic science Pages: 9 (1853 words) Published: June 22, 2014

Chief Information Security Officer
The chief information security officer (CISO) examines and responds to a range of security matters and performs several different functions in the organization. As the title makes clear, the CISO is the leader of the whole of IT security.

Functions of CISO

The CISO performs a number of critical functions in the organization. For example, if something goes wrong and a breach happens, the CISO is the person responsible for resolving it. He acts quickly, takes immediate action against the breach to protect the organization, and announces each step that will be performed to contain it. Another example is when emerging risks start to harm the company and its value: the CISO leads the management effort against them. He leads operational risk management, covers the activities performed under it, and is the one who informs everyone about emerging risks and the strategies for handling them. A third example is when company assets, intellectual property, computer systems and the like are threatened: the CISO oversees their protection. It is the CISO's duty to protect not only digital devices but also other things, including assets and property. He oversees the whole network of security directors and provides for the physical safety of all equipment and of customers as well. (Matthew Todd, 2012)

CISO Competencies
A competency is an ability or area of expertise of a person. The CISO has many core competencies related to the organization with which he is affiliated. There are a number of competencies which a CISO could perform from the given website. Following are the three specific competencies of CISO:

Computer Forensic.
Incident Management.
Risk Management.

Chief Information Officer
The chief information officer (CIO) examines and protects the information and data integrity of an organization. He oversees all the functions related to the organization's IT. The CIO increases the significance of IT by aligning it closely with the business goals.

Functions

Using the EBK as a guide, the CIO performs specific functions. The CIO evaluates and approves development efforts to ensure that baseline security safeguards are properly installed. For example, when an organization anticipates a threat, the CIO performs this function so that the company does not face it. Another example is when an organization identifies vulnerabilities during risk assessments, audits, inspections and so on: it is the CIO's duty to ensure that a plan of action or remediation plans are in place against those vulnerabilities. It is also the CIO's duty to implement the security requirements and the IT policies and procedures and to make sure they work properly. The CIO has to be sure of the successful implementation and functioning of both. The CIO performs this duty when he reviews the organization's missions and goals. Another example is when a risk occurs in the IT system: the CIO has to be there to deal with it. The CIO must participate in the information security risk assessment during the Security Assessment and Authorization process so that he is aware of how the risk to the information system is assessed. The CIO must oversee the assessment and give his opinion on the risk that has arisen. (Laura Schneider)

Security Assurance
Security assurances are the promises and guarantees of security made by the organization and achieved by the CIO. It is very important to attend the different programs headed by the chief information officer. In their security awareness, training and education programs they explain different awareness...

References:
1. Matthew Todd, (2012), “Chief information security officer skills”, Retrieved from:
2. Laura Schneider, “CIO - Chief Information Officer”, Retrieved from:
3. Bruce J. Nikkel, (2006), “The Role of Digital Forensics within a Corporate Organization”, Retrieved from:
4. Timothy Roufa, (2013), “Forensic Computer Investigator and Digital Forensic Expert Careers”, Retrieved from: