PM-2: Information Security Program Leadership Role
Control Family:
PF v1.0 References:
Baselines:
- Low
N/A
- Moderate
N/A
- High
N/A
- Privacy
N/A
Previous Version:
- NIST Special Publication 800-53 Revision 4:
- PM-2: Senior Information Security Officer
Control Statement
Appoint a senior agency information security officer with the mission and resources to coordinate, develop, implement, and maintain an organization-wide information security program.
Supplemental Guidance
The senior agency information security officer is an organizational official. For federal agencies (as defined by applicable laws, executive orders, regulations, directives, policies, and standards), this official is the senior agency information security officer. Organizations may also refer to this official as the senior information security officer or chief information security officer.