Appoint an information security officer
The Information Security Officer is primarily charged with defining and implementing your organization's security policy. Specifically, the ISO guarantees the availability, security, and integrity of the information systems and data.
The designated person has the following skills:
- managing security and risks (performing risk assessments);
- developping procedures related to information security and/or data protection;
- devising a security plan and security advice;
- applying applicable standards (for example ISO27001 or 27002);
- performing security audits or audits related to data protection.
- Advocate Information Security throughout the company