Risk Management and Incident Response

  • Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, to address and investigate security incidents that arise.
  • Convene an Ad Hoc Security Committee as appropriate and provide leadership for breach response and notification actions for the University.
  • Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
  • Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
  • Examine impacts of new technologies on the Institution’s overall information security. Establish processes to review implementation of new technologies to ensure security compliance.
  • Teach employees how to perform risk assessment.
  • Coordinate the whole process of risk assessment.

Sources:
https://advisera.com/27001academy/knowledgebase/what-is-the-job-of-chief-information-security-officer-ciso-in-iso-27001
https://spaces.internet2.edu/display/2014infosecurityguide/CISO+Job+Description+Template