Talk:Industry:Project Review/NIST SP 800-37r1 FPD Appendix D

Revision as of 15:21, 4 December 2009 by Dan Philpott (Installing layout of main document to structure comments)

APPENDIX D

ROLES AND RESPONSIBILITIES

KEY PARTICIPANTS IN THE RISK MANAGEMENT PROCESS


D.1 HEAD OF AGENCY (CHIEF EXECUTIVE OFFICER)

D.2 RISK EXECUTIVE (FUNCTION)

D.3 CHIEF INFORMATION OFFICER

D.4 INFORMATION OWNER/STEWARD

D.5 SENIOR INFORMATION SECURITY OFFICER

D.6 AUTHORIZING OFFICIAL

D.7 AUTHORIZING OFFICIAL DESIGNATED REPRESENTATIVE

D.8 COMMON CONTROL PROVIDER

D.9 INFORMATION SYSTEM OWNER

D.10 INFORMATION SYSTEM SECURITY MANAGER/OFFICER

D.11 INFORMATION SECURITY ARCHITECT

D.12 INFORMATION SYSTEM SECURITY ENGINEER

D.13 SECURITY CONTROL ASSESSOR