Be responsible for providing security and risk management related support services.

1. Provide assistance to the information security function relative to using the computer's security facilities.
2. Provide supervision to any technical and administrative personnel assigned to the computer security function.
3. Assist in the acquisition of security software and equipment.
4. Assist the information security function (if requested to do so) in developing and maintaining the security and risk management program, including a risk analysis process.
5. Assist in identifying vulnerabilities and the appropriate solutions to eliminate or minimize their potential effects.
6. Assist in developing and maintaining the access control rules within the security software that provides controlled access in accordance with owner defined information access requirements.
7. Serve as a member of software review committee to evaluate new software and hardware systems.
8. Provide periodic reporting on information security issues.
9. Investigate any actual or potential information security violations. Follow up investigations with written reports.
10. Assist management with training employees about information security issues.
11. Train any designated individuals to act as an ISA alternate, in case of emergency or absence.
12. Assist in ensuring that departments have fulfilled their security responsibilities.
13. Review new systems designs and major modifications for security implications prior to implementation.
14. Provide liaison with the Security function.
15. Consult on planned physical facilities changes, and alterations in work flow or operating procedures to evaluate the effect of such changes on security and safety.