Summary

Summary ^[7]

The role of today's ISSO has evolved over time and will continue to evolve. The ISSO profession offers many challenges to anyone who wants to match wits with global hackers, criminals, terrorists, and other miscreants. In a business environment such as that of a global corporation, the ISSO has specific responsibilities. As an ISSO, you should understand the following:

• The ISSO position is a leadership position within a company.

• The recently hired ISSO must know what is expected of the company's new ISSO and should have a clear understanding of those expectations before taking the position.

• The three primary responsibilities of an ISSO are: (1) managing people; (2) managing the CIAPP; and (3) managing CIAPP processes.

• The ISSO must set forth clear goals and objectives.

• The ISSO in the leadership role must be a company leader, team leader, and personal leader.

• The ISSO must provide CIAPP service and support using team concepts.

• The ISSO should develop vision, mission, and quality statements as guides to developing a successful CIAPP.

• The ISSO should strive to administer a CIAPP where all the major InfoSec functions are under the responsibility of the ISSO.

^[7]Much of the information in this chapter provides details that could be used to fill in the details of the ISSO's portfolio.