Information Security Officer Job Description

rehmat

#1
Hello everyone, I was recently hired as Information Security Officer and we are soon going for ISMS 27000 Certification. I need to know the job description of an ISO.
 

sagai

Quite Involved in Discussions
#2
Hi Rehmat,
Sorry, could you rephrase your question? I am not sure I understand it.
br
Sz.
 

Richard Regalado

Trusted Information Resource
#3
Hi Rehmat.

They hired you as an ISO yet you don't know the roles of an ISO. Helluva of an HR department you have there mate! Have you tried asking your HR department what you're supposed to be doing there?

Stroll here for an excellent ISO JD: http://net.educause.edu/ir/library/pdf/CSD3230.pdf
 
rehmat

#4
Yeah, I asked HR regarding it. They said, "You have to coordinate with our IT department and monitor the different systems. If there is any issue, talk to IT and solve it," but I think they really don't understand what the ISO job description is. Since we are going through the awareness sessions of ISMS and only a particular department is getting certification, not the org as a whole, I'd say that may be the reason that they are not very clear about it. Thanks a lot for the help.
 

Marc

Hunkered Down for the Duration with a Mask on...
Staff member
Admin
#6
<snip> i think they really don't understand what ISO job description is <snip>
Instead of calling it an ISO Job Description, why not just call it what it is - A Job Description.

As I understand it, ISO 9001:2008 does not require documented job descriptions (someone please correct me if I'm wrong).

A documented Job Description typically includes:

The Title of the role or function.

Responsibilities: The specific activities the person is responsible for. E.g.: Specific reports, operating specific equipment, overseeing a production area.

Authorities: What actions the person has authority to do (such as stopping a production run), etc.

External qualification(s): Certifications, degrees, experience, etc.

Internal qualification(s): Experience in one or more areas of the business. These may include experience with a specific software, specific equipment, etc.

Related Job Description discussion threads.
 