CMS Information Security Advisory Board (CISAB)

Submitted by FormerContentAdmin on
Short Description

A volunteer board comprised of ISPG staff and the ISSO community designed to promote collaboration on cybersecurity and privacy issues

Roles
Cyber Risk Advisor (CRA)
Data Guardian
Information System Security Officer (ISSO)
System / Business Owner
Resource Type
General Information
Topics
Privacy
System Authorization
Contact Name
CISO Team
Contact Email
CISO@cms.hhs.gov
Slack Channel(s)
#cisab
Section
Text Block

What is the CMS Information Security Advisory Board (CISAB)? 

The CISAB was established to provide a space for the Office of the Chief Information Security Officer (CISO), the Information Security and Privacy Group (ISPG), and CMS Information System Security Officers (ISSOs) representing each CMS component to share information and best practices about security and privacy – with the goal of improving the agency’s overall security posture. 

Members of the CISAB meet monthly to:

  • Discuss and plan future cybersecurity and privacy related policies and initiatives 
  • Exchange knowledge about new and emerging programs, technologies, and tools 
  • Review proposals and options for new initiatives before they are introduced to the broader community
  • Share information and experiences directly from their components 
  • Build and maintain relationships between leadership and staff across the organization

Who serves on the CISAB?

CISAB leadership

The CISAB is chaired by the CISO or Deputy CISO.  The Co-Chair seat is held by a member of the Board who has been nominated and approved by a simple majority of the membership. A Secretariat is also selected for the board, nominated by the Chair. 

General membership

The remaining members of the board consist of no more than twenty but no less than twelve members from the CMS cybersecurity community.  These members include: 

  • One individual from each ISPG division
  • No more than twenty but no less than 12 federal and contractor ISSOs who support systems and major applications 
  • A representative from each CMS component that owns at least one FISMA system
  • Other individuals concerned with cybersecurity or privacy issues are encouraged to attend board meetings

CISAB members serve for six months, but may extend their service with the approval of the Chair. Members are typically nominated by their components, but those who are interested in serving on the CISAB can reach out via Slack to request more information. 

How can I attend the CISAB?

If you’re interested in learning more about the CISAB or would like to participate in the next CISAB monthly meeting, head over to the internal CISAB CMS Slack channel,  #cisab. You’ll find information about cybersecurity topics of interest as well as Zoom information for the next CISAB monthly meeting. 

 

Related resources
Resource Title
CMS Information System Security Officer (ISSO) Handbook
Resource Title
Information System Security Officer (ISSO)
Resource Title
CMS Security and Privacy Handbooks