10 Things an ISO Needs to Ask Themselves
Last reviewed: March 2017
Now that you have a mentor and you are meeting on a regular basis, you may need some ideas for things to talk about. Here are just a few ideas to get you started.
10 Things an ISO Needs to Ask Themselves
- Why did I take this job? Someone remind me! (How on earth do you all sleep at night?)
- Do I have appropriate management support and understanding?
- Do I understand what the major risks the the institution are? What is the most valuable data at the institution? Where is it, how is it controlled?
- What are the institution's policies that affect information security? Do the policies I need to do my job effective exist?
- Who owns the data? Is this defined in a policy?
- Does my management have the same list in their heads?
- What capabilities does my management expect me to provide?
- Do I have the ability to meet those expectations? Staff, Skills, Technology, Policy, Procedures
- What technology do I have deployed? Is it deployed in an effective manner?
- What technology do I not have that I need?
The Mentoring Toolkit includes additional ideas for conversation starters.
Questions or comments? Contact us.
Except where otherwise noted, this work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License (CC BY-NC-SA 4.0).