Overseeing day-to-day compliance and risk management activities to protect the security and privacy of CMS information and systems
As an Information System Security Officer (ISSO), you are the voice of authority for keeping information safe within your organization. Your work helps Business Owners manage their FISMA systems in a way that protects the personal and health information of the people who depend on CMS for benefits.
You oversee the security and privacy posture of the system(s) entrusted to your care, coordinating all IT risk management activities and acting as your Business Owner’s “go-to person” for security questions and needs. You also help promote a "risk-based approach" to information security at CMS. This means not only ensuring compliance but also using tools and practices that continually evaluate system security so risks are spotted earlier.
Together, the ISSOs make up a supportive community working to ensure the success of the cybersecurity program at CMS. We are eager to help you get the training, connections, and skills you need to be successful in your role.
This is the go-to resource for all ISSOs - both new and experienced. It contains everything you need for onboarding and for your daily work.