Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

How To Identify Personnel With Significant Responsibilities For Information Security

Published

Author(s)

Mark Wilson

Abstract

This Bulletin is written to assist federal departments and agencies to meet their information security training responsibilities. Determining who has significant responsibilities for information security is the crucial first step that allows an organization to focus its information security training resources where they are most needed. Under the Federal Information Security Management Act (FISMA) of 2002, the head of each federal agency is directed to delegate to the Chief Information Officer (CIO) the authority to designate a senior agency information security officer known in many agencies as the Chief Information Security Officer (CISO). The CISO is responsible for, among other duties, training and overseeing personnel with significant responsibilities for information security, also known as significant information security responsibilities (SISRs). To help agencies identify those individuals with SISRs, the Information Technology Laboratory of the National Institute of Standards and Technology (NIST) is planning to update NIST Special Publication (SP) 800-50, Building an Information Technology Security Awareness and Training Program (October 2003). This bulletin provides interim assistance to federal organizations until the revision of NIST SP 800-50 has been completed.
Citation
ITL Bulletin -

Keywords

Training, role-based training, awareness training, information security, significant responsibilities for information security, workforce planning, criteria, sources of criteria.

Citation

Wilson, M. (2010), How To Identify Personnel With Significant Responsibilities For Information Security, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=905852 (Accessed March 28, 2024)
Created June 22, 2010, Updated February 19, 2017