Person in charge of safeguarding the organization's information security. The role consists of keeping up to date with technological developments insofar as they affect information security, building bridges between the head of corporate security and those responsible for technology. Its responsibilities do not usually include physical security, risk management, or continuity of operations.
The person in charge of information security within the enterprise
ISACA, Cybersecurity Glossary, 2014
The CISO (chief information security officer) is a senior-level executive responsible for aligning security initiatives with enterprise programs and business objectives, ensuring that information assets and technologies are adequately protected.
http://whatis.techtarget.com/
See 'Senior Agency Information Security Officer'. [NIST-SP800-53:2013]
See Senior Agency Information Security Officer. [CNSSI_4009:2010]
Official responsible for carrying out the Chief Information Officer responsibilities under the Federal Information Security Management Act (FISMA) and serving as the Chief Information Officer’s primary liaison to the agency’s authorizing officials, information system owners, and information systems security officers.
Note: Organizations subordinate to federal agencies may use the term Senior Information Security Officer or Chief Information Security Officer to denote individuals filling positions with similar responsibilities to Senior Agency Information Security Officers. [CNSSI_4009:2010]
Official responsible for carrying out the Chief Information Officer responsibilities under FISMA and serving as the Chief Information Officer’s primary liaison to the agency’s authorizing officials, information system owners, and information system security officers.
Note: Organizations subordinate to federal agencies may use the term Senior Information Security Officer or Chief Information Security Officer to denote individuals filling positions with similar responsibilities to Senior Agency Information Security Officers.
U.S. Code 44, Sec. 3544. Federal agency responsibilities, 2007
The position of CISO is relatively new in most organizations. The CISO should be providing tactical information security advice and examining the ramifications of new technologies. In most corporations the CISO reports to the CIO or CTO. The CISO role does not usually include responsibility for physical security, risk management and business continuity, which are more often delegated to the CSO.
http://www.csoonline.com/glossary/