ASIS releases standards detailing CSO role

Dec. 18, 2008
Standard is first ANSI-approved standard released by security organization

What's the role of a chief security officer?

ASIS International, a international security organization based in the United States, knows the answer. The organization today announced the release of its first American National Standard, approved by the American National Standards Institute (ANSI), titled appropriately enough: the CSO Standard.

The new standard is based on the preexisting ASIS CSO Guideline, and is designed as model for organizations to use when defining security and risk leadership position. According to ASIS International, the CSO position can be implemented as either a standalone position, or as a set of responsibilities managed by the organization's executives.

"The standard states that effective leadership within the top levels of an organization, especially its security functions, is imperative," says Jerry J. Brennan, chairman of the CSO Standards Committee. "Traditionally, what has been lacking in many organizations is a single governance position at the senior level being accountable for crafting, influencing and directing the organization-wide security-related risk and protection strategies in a manner that is compatible with that enterprises' structure and culture. The ability to effectively influence business strategy and address issues related to internal and external security risk exposures requires a CSO-type function at the appropriate level in the organization."

According to ASIS, the standards for a CSO position are relevant for private businesses as well as the public sector, and the standard includes information on the reporting relationship, the key responsibilities and accountabilities assigned to the CSO. It also includes information on competencies, experience, education and compensation which would commonly accompany such a position.

ASIS International is an ANSI Accredited Standards Developer, and while the organization has published a number of internal guidelines over the years, this is the organization's first release of a national standard approved by ANSI.

The ASIS/ANSI-approved CSO Standard is available from ASIS as a free download.

Sponsored Recommendations

One in six attacks on U.S. government offices linked to LockBit

The report revealed that many ransomware threat actors are no longer going after "big game" targets, instead focusing on smaller organizations they presume to be less well-defended...

Texas A&M University-Kingsville rolls out multi-function SafeZone platform

SafeZone will make it easy for students to request immediate assistance with a single tap on their smartphones, whether it be to ask for emergency help, report a concern, or access...

As residents vent about escape, Chester County Prison Board approves security upgrades

Members of the Chester County Prison Board have agreed to upgrade the physical barriers to outdoor recreational yards at the Pocopson facility.

Contrast Security integrates with AWS Security Hub

Contrast’s integration with AWS Security Hub will allow mutual customers to address security concerns before deployment, making the process proactive rather than reactive.