IT Examiner School

ISP Framework

Program implementation

Board oversight and involvement

Management and control of risk

Risk assessment

Service provider oversight

Audit procedures

Board reporting

Program Implementation: Chief Information Security Officers

• Designated by the Board or senior management.
• Responsible and accountable for administration of the Information Security Program.
• Manages the risk assessment process; the development of policies, standards, and procedures; testing; and security reporting processes.
