Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

chief information security officer (CISO)

Abbreviation(s) and Synonym(s):

CISO
Senior Agency Information Security Officer

Definition(s):

  Official responsible for carrying out the Chief Information Officer responsibilities under the Federal Information Security Management Act (FISMA) and serving as the Chief Information Officer’s primary liaison to the agency’s authorizing officials, information system owners, and information systems security officers. [Note 1: With respect to SecCM, a Senior Agency Information Security Officer is an individual that provides organization-wide procedures and/or templates for SecCM, manages or participates in the Configuration Control Board, and/or provides technical staff for security impact analyses. Note 2: Organizations subordinate to federal agencies may use the term Senior Information Security Officer or Chief Information Security Officer to denote individuals filling positions with similar responsibilities to Senior Agency Information Security Officers.]
Source(s):
NIST SP 800-128 under Senior Agency Information Security Officer (44 U.S.C., Sec. 3544)

  See Senior Agency Information Security Officer.
Source(s):
FIPS 200 under CHIEF INFORMATION SECURITY OFFICER
NIST SP 800-137 under Chief Information Security Officer
NIST SP 800-30 Rev. 1 under Chief Information Security Officer
NIST SP 800-37 Rev. 1 under Chief Information Security Officer
NIST SP 800-39 under Chief Information Security Officer
NIST SP 800-53 Rev. 4 under Chief Information Security Officer
NIST SP 800-53A Rev. 4 under Chief Information Security Officer

  Official responsible for carrying out the Chief Information Officer responsibilities under FISMA and serving as the Chief Information Officer’s primary liaison to the agency’s authorizing officials, information system owners, and information system security officers.
Source(s):
NIST SP 800-18 Rev. 1 under Senior Agency Information Security Officer (44 U.S.C., Sec. 3544)
NIST SP 800-60 Vol. 1 Rev. 1 under Senior Agency Information Security Officer
NIST SP 800-60 Vol. 2 Rev. 1 under Senior Agency Information Security Officer

  Official responsible for carrying out the Chief Information Officer responsibilities under FISMA and serving as the Chief Information Officer’s primary liaison to the agency’s authorizing officials, information system owners, and information system security officers. [Note: Organizations subordinate to federal agencies may use the term Senior Information Security Officer or Chief Information Security Officer to denote individuals filling positions with similar responsibilities to Senior Agency Information Security Officers.]
Source(s):
NIST SP 800-30 Rev. 1 under Senior Agency Information Security Officer (44 U.S.C., Sec. 3544)
NIST SP 800-53A Rev. 4 under Senior Agency Information Security Officer (44 U.S.C., Sec. 3544)

  See senior agency information security officer (SAISO).
Source(s):
CNSSI 4009-2015 (FIPS 200)

  Official responsible for carrying out the Chief Information Officer responsibilities under FISMA and serving as the Chief Information Officer’s primary liaison to the agency’s authorizing officials, information system owners, and information system security officers. Note: Organizations subordinate to federal agencies may use the term Senior Information Security Officer or Chief Information Security Officer to denote individuals filling positions with similar responsibilities to Senior Agency Information Security Officers.
Source(s):
NIST SP 800-53 Rev. 4 under Senior Agency Information Security Officer (44 U.S.C., Sec. 3544)

  Official responsible for carrying out the Chief Information Officer responsibilities under FISMA and serving as the Chief Information Officer’s primary liaison to the agency’s authorizing officials, information system owners, and information system security officers. [Note: Organizations subordinate to federal agencies may use the term Senior Information Security Officer or Chief Information Security Officer to denote individuals filling positions with similar responsibilities to Senior Agency Information Security Officers.]
Source(s):
NIST SP 800-39 under Senior Agency Information Security Officer (44 U.S.C., Sec. 3544)