Today’s Information Security Officer: Roles and Responsibilities Webinar
When it comes to information and cyber security the responsibility falls at several levels including the Board of Directors and Senior Management.
Webinar Description and Intended Audience
When it comes to information and cyber security the responsibility falls at several levels including the Board of Directors and Senior Management. The Board is to set the tone, provide the direction, approve information security policies and designate an ISO. Senior Management is to ensure the Information Security Program is developed and maintained. The ISO; however, is responsible for overseeing and reporting on the management and mitigation of information security risks across the institution and is to be held accountable for the results of the oversight and reporting. The ISO is also responsible for seeing that the information security program is implemented and satisfies the regulatory Interagency Guidelines for Establishing Information Security Standards (GLBA). While once thought to be a technology function the role was typically delegated to the IT Manager or Officer but today the ISO is to be independent of IT operations and report directly to the board, board committee, or senior management. In fact the independence of the ISO is stated in not just one of the FFIEC IT Examination Booklets but two. The September 2016 Information Security Booklet states “to ensure appropriate segregation of duties, the ISO should be independent of IT operations staff and should not report to IT operations management”. The November 2015 Management Booklet states “the ISO should be an enterprise-wide risk management rather than a production resource devoted to IT operations”.
- Regulatory expectations
- Role of the ISO
- Typical Job Description
- Independence Mitigation Suggestions
Who Should Attend?
Board, Senior Management, Auditors, IT Management, Information Security Officer, Risk Officer, Compliance Officer, IT Committee, HR, anyone interested in the roles and responsibilities
Webinar Viewing Options
INCLUDES 7 DAYS OF UNLIMITED ONDEMAND PLAYBACK! With this option, you will participate in the webinar live, via the internet. You will login to the webinar on your PC to view the PowerPoint presentation, and you have the option of using your PC speakers or a telephone for the audio. You can type and send your questions to the instructor. Many companies are now running their PC through an LCD projector allowing many employees to participate at the same time. And don’t worry if you miss the webinar, you can still view it for up to seven days after it takes place!
SIX MONTH ONDEMAND VIDEO:
With this option, you will receive an e-mail that contains a link to the PowerPoint slides (to download, print, and copy) as well as a link to the media player where you will view and hear the entire webinar just as it was delivered, featuring the full-color PowerPoint presentation with audio. You can pause, fast-forward and rewind as needed, which makes it a very effective training tool. The OnDemand Video will be available to you (and anyone else in the company) for six months and can be accessed 24/7 as many times as you wish. Delivered via e-mail the day after the webinar takes place.
If you do not have internet access or want to make the webinar part of your training library, the CD-ROM Recording is a great option for viewing a webinar. You can pause, fast-forward and rewind as needed, which makes it an effective training tool. With this option, you will receive a download of any applicable handouts and a CD-ROM (featuring the full-color PowerPoint presentation with audio) via regular mail. Mailed 7 to 10 days after the webinar takes place.
Webinars can be scheduled and offered exclusively for your company. They can even be customized to best fit your needs. To find out more, please complete the in-house request form found in the Schedule and Registration Information section below.
Continuing Education (CE) Credits
This webinar is recommended for 2.5 CE Credit Hours. Each attendee will receive a Certificate of Attendance for self-reporting of CE Credits.