- Be familiar with our information security program and policies
- Note the financial cost of cyber insurance deductibles in BUS-80 that the Unit can be responsible for per incident is $100k
- Be familiar with the Unit Head role description and responsibilities under IS-3
- Accountable for implementation of IS-3 within the Unit
- Assign, properly resource, and prioritize the Unit Information Security Lead role responsible for IS-3 implementation within the Unit
- Regularly meet with the UISL(s) to discuss and stay informed of the Unit security posture including the status of risk assessments, gaps, action items, and assumed risks.
- Ensure information and assets are classified within the Unit and risk assessments are performed on them
- Accept risk for security exceptions
- Ensure security incidents are reported to the CISO