When to use this
Practical use
Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.
Use this in manager role descriptions, policy addenda, or management training packs.
Management Information Security Responsibilities
Managers are responsible for ensuring that personnel within their area of responsibility comply with the organization's information security policy, topic-specific policies, standards, and procedures.
Managers shall:- communicate information security expectations to personnel;- ensure personnel complete required security awareness and role-specific training;- ensure security procedures are followed during daily operations;- support the implementation and operation of assigned security controls;- identify and report security weaknesses, incidents, and non-compliance;- ensure access rights remain appropriate for personnel under their responsibility;- support corrective actions and remedial training where required;- lead by example by complying with the same security requirements expected of personnel;- encourage personnel to report security concerns and improvement opportunities.
Failure to fulfill these responsibilities may result in escalation through the organization's performance, disciplinary, or corrective action processes.- Template
- Management
- A5 4
Note Metadata
Aliases: Manager Security Accountability Statement
Source: 90 Templates/Manager Security Accountability Statement.md