Role of the CISO

> Ensuring information security according to standards:
    °  ISO-2700x
    °  ICT minimum standard BWL
> Setting up and ensuring an ISMS
> Defining and monitoring measures
> Raising awareness
> Information security consulting
> Assessment of security risks
> Information assets inventory

> Ensuring information security
> Ensuring data security
> Managing protection goals for
    °  Confidentiality
    °  Availability
    °  Integrity of information

> Introduction of an InfoSec strategy
> Introduction of an ISMS (*)
> Introduction of regulations and directives
> Introduction of security measures
> Introduction of requirements for:
    °  Data protection
    °  IT security
> Very close cooperation with:
    °  Legal and data privacy units
    °  IT Security
    ° CIO
    °  Decentralized IT managers
    °  Faculties
    °  Central Services and
    °  External stakeholders