Skip to content
 

Where does the information security officer fit in the organizational chart?

Answered by: 
L. Michael Guard

Question: 
When implementing a new Information Security Officer position, where in the organization would you have it report? Would it fall under control of the Information Services group or should it report outside of this group to maintain independence of operational goals and security goals?
Answer: 

Ideally, the Information Security Officer is not under the control of any department or group and reports directly to the CEO. The primary reason for this independence is to insure that the Information Security Officer has direct access to the CEO for two reasons: to make sure the Information Security Officer's voice voice is heard on important issues, as well as to facilitate their frequent need to move between departments and groups.

First published on BankersOnline.com 11/11/02

First published on 11/11/2002

Filed under: 
Security
Technology
Filed under security as: 
IT
Security
Security Officer
Filed under technology as: 
IT
Security
Security Officer

Report a problem with this page

Search Topics