CISM 2017 International study group

information security roles and responsibilities

Senior Manager 
          ultimate responsibility 
Information security Officer 
         functional responsibility 
Security Analyst 
          Strategic, develops policies and guidelines 
Owner 
        - Responsible for asset 
        - Determine level of classification 
        - Review and change classification 
        - Can delegate responsibility to data custodian 
        - Authorize user privileges 
Custodian 
        - Run regular backups/restores and validity of them 
        - Insuring data integrity and security (CIA) 
        - Maintaining records in accordance to classification 
        - Applies user authorization 
End-user 
         - Uses information as their job 
         - Follow instructions in policies and guidelines 
         - Due care (prevent open view by e.g. Clean desk) 
         - Use corporation resources for corporation use 
Auditor examines security controls 
You must sign in to rate content.
(Unrated)

Comments

There are no comments yet for this post.

Leave a Comment

You must be logged in to post a comment.