Appointment of an Information Security Officer
So as to manage and purposefully further develop a company’s information security, a central accountability should be established in the form of an information security officer (CISO). Frequently, employees who are already entrusted with other tasks are assigned this function. This can not only lead to conflicts of roles but in many cases the expertise required is lacking. In addition, continuous further training is a costly and time-consuming process. In particular for smaller enterprises it is therefore advisable to make use of an external CISO. Larger companies that have a designated CISO can increase and optimise the efficacy of this role by deliberate coaching. TÜV TRUST IT consultants can assist you in thinking outside the box and assessing risks appropriately. We provide you with seasoned experts who will help you to live up to all information security risks within your company.