Please log-in to purchase.

Purchasing for others?

Learn How
Please log into your account at using your own credentials before adding programs to your cart. (If you don't have an account, you'll need to create one; if you have forgotten your password, you can reset it.)
If you'd like to purchase for someone else, or use a payment method associated with another employee, you'll be prompted for that information on a future screen – but please use only your own credentials when making the initial program selection.

Responsibilities of the Information Security Officer-Fa24


Additional information



Recording Available Until



Patrick Brown


SBS CyberSecurity

Target Audience

Information security officers, IT managers, risk officers

Program Time

10:00 am-11:30 am CT


90 minutes

Being an Information Security Officer (or similar role) is a big responsibility in today’s world of cyber threats and data breaches. This presentation is for those who are new to the ISO (or similar) role or have been the ISO for some time but want to review what is expected and how to be successful. As the ISO, part of your responsibility is building and maintaining the Information Security Program.

While an ISP has many important elements, there are 3 fundamental components: Risk Assessment(s), ISP Policies and Procedures, and Audit. The Risk Assessment will help you make decisions, the Policies and Procedures document the decisions for your institution to implement, and Audit verifies that those decisions have been properly implemented and are adequate controls to protect your institution.

This presentation will cover the following areas/topics:

  • FFIEC Roles and Responsibilities of the ISP
  • Building a strong Cybersecurity Culture
  • Board Reporting
  • Educational and Certification Paths
  • Strong Risk Assessment Methodology
  • Creating your ISP with Policies and Procedures

Target Audience:  Information security officers, IT managers, risk offi