The Information Systems Security Officer's Guide: Establishing and Managing an Information Protection Program
Based on what you have read, consider the following questions and how you would reply to them:
- Do you think the ISSO's responsibilities should include conducting any type of investigation or inquiry?
- If so, why?
- If not, why not?
- Do you think it is the job and professional responsibility of an ISSO and staff to support internal and external investigations by providing forensics support?
- If so, what limitations would you set on that support?
- As an ISSO, do you have a policy, plan, processes, and procedures in place as to when and how you would support an internal or external investigation?
- If so, are they current?
- Have they been coordinated with applicable internal customers, such as auditors and security staff?