Profession chief ICT security officer
Chief ICT security officers protect company and employee information against unauthorized access. They also define the Information System security policy, manage security deployment across all Information Systems and ensure the provision of information availability.
- Conventional / Investigative
- Decision support systems
The ICT systems that can be used to support business or organisational decision making.
- Information security strategy
The plan defined by a company which sets the information security objectives and measures to mitigate risks, define control objectives, establish metrics and benchmarks while complying with legal, internal and contractual requirements.
- ICT security standards
The standards regarding ICT security such as ISO and the techniques required to ensure compliance of the organisation with them.
- Audit techniques
The techniques and methods that support a systematic and independent examination of data, policies, operations and performances using computer-assisted audit tools and techniques (CAATs) such as spreadsheets, databases, statistical analysis and business intelligence software.
- ICT network security risks
The security risk factors, such as hardware and software components, devices, interfaces and policies in ICT networks, risk assessment techniques that can be applied to assess the severity and the consequences of security threats and contingency plans for each security risk factor.
- Organisational resilience
The strategies, methods and techniques that increase the organisation's capacity to protect and sustain the services and operations that fulfil the organisational mission and create lasting values by effectively addressing the combined issues of security, preparedness, risk and disaster recovery.
- Cyber security
The methods that protect ICT systems, networks, computers, devices, services, digital information and people against illegal or unauthorised use.
- ICT security legislation
The set of legislative rules that safeguards information technology, ICT networks and computer systems and legal consequences which result from their misuse. Regulated measures include firewalls, intrusion detection, anti-virus software and encryption.
- Ensure information privacy
Design and implement business processes and technical solutions to guarantee data and information confidentiality in compliance with legal requirements, also considering public expectations and political issues of privacy.
- Ensure compliance with legal requirements
Guarantee compliance with established and applicable standards and legal requirements such as specifications, policies, standards or law for the goal that organisations aspire to achieve in their efforts.
- Manage disaster recovery plans
Prepare, test and execute, when necessary, a plan of action to retrieve or compensate for lost information system data.
- Lead disaster recovery exercises
Head exercises which educate people on what to do in case of an unforeseen disastrous event in the functioning or security of ICT systems, such as how to recover data, how to protect identity and information, and which steps to take in order to prevent further problems.
- Manage IT security compliances
Guide application and fulfillment of relevant industry standards, best practices and legal requirements for information security.
- Implement corporate governance
Apply a set of principles and mechanisms by which an organisation is managed and directed, set procedures of information, control flow and decision making, distribute rights and responsibilities among departments and individuals, set corporate objectives and monitor and evaluate actions and results.
- Maintain plan for continuity of operations
Update the methodology which contains steps to ensure that facilities of an organisation are able to continue operating in case of a broad range of unforeseen events.
- Ensure adherence to organisational ICT standards
Guarantee that the state of events is in accordance with the ICT rules and procedures described by an organisation for their products, services and solutions.
- Implement ICT risk management
Develop and implement procedures for identifying, assessing, treating and mitigating ICT risks, such as hacks or data leaks, according to the company's risk strategy, procedures and policies. Analyse and manage security risks and incidents. Recommend measures to improve digital security strategy.
- Monitor technology trends
Survey and investigate recent trends and developments in technology. Observe and anticipate their evolution, according to current or future market and business conditions.
- Utilise decision support system
Use the available ICT systems that can be used to support business or organisational decision making.