Information Security Officer - Auditor
Be responsible for performing periodically, based on risk assessment, an internal audit of the information security function.Specific Duties
- Examine the information security policies and procedures for compliance with state information security and risk management policies, standards and guidelines.
- Examine the effectiveness of the information security policies and procedures; identify inadequacies within the existing security and risk management program and possible corrective action to be taken.
- Review and evaluate the effectiveness of controls for automated information systems that are either under development or operational, with particular emphasis on major systems.
- Inform management, the information security function and the information's owners, custodians, and users of its findings.
- Participate in the risk analysis process.