The Information Security Officer has an independent and organisationally prominent position. The Information Security Officer reports directly to the company management. The company management continues to bear overall responsibility for all information security issues.
Tasks of the Information Security Officer:
Coordination of information security objectives with company management
Coordination and planning of information security in cooperation with the Information Security Team and Data Protection Team
Creation and maintenance of guidelines and regulations for information security in the company
Advising management on information security issues
Documentation of information security measures
Information security training for employees
Planning and conception of the management of incidents and emergency precautions (incl. emergency plan/manual)
The Information Security Officer has the right to be informed and to provide information on all topics relevant to information security. The Information Security Officer shall have the right to make oral and written (or textual) statements to the company management on all information security issues. For the duration of the appointment as Information Security Officer, the Information Security Officer has access to all affected IT systems of the company – if necessary after prior consultation with the data protection officer – in order to perform control and consulting tasks.
We are happy to provide companies with an external Information Security Officer.