This section of the ISM provides guidance on Chief Information Security Officers.

Cyber security leadership

To provide cyber security leadership within organisations, it is important that each organisation appoints a Chief Information Security Officer (CISO).

Security Control: 0714; Revision: 4; Updated: Sep-18; Applicability: O, P, S, TS
A CISO is appointed to provide cyber security leadership for their organisation.

Responsibilities

The CISO within an organisation is typically responsible for providing strategic-level guidance for their organisation’s cyber security program and ensuring compliance with cyber security policy, standards, regulations and legislation. They are likely to work with a Chief Security Officer, a Chief Information Officer and other senior executives within their organisation.

Security Control: 1478; Revision: 0; Updated: Sep-18; Applicability: O, P, S, TS
The CISO provides strategic-level guidance for their organisation’s cyber security program and ensures their organisation’s compliance with cyber security policy, standards, regulations and legislation.