The Information System Security Officer (ISSO) and Information System Security Engineer (ISSE)
play the role of a supporter and advisor, respectively. Which of the following statements are true
about ISSO and ISSE? Each correct answer represents a complete solution. Choose all that
apply.
A.
An ISSE manages the security of the information system that is slated for Certification &
Accreditation (C&A).
B.
An ISSE provides advice on the continuous monitoring of the information system.
C.
An ISSO manages the security of the information system that is slated for Certification &
Accreditation (C&A).
D.
An ISSE provides advice on the impacts of system changes. E. An ISSO takes part in the
development activities that are required to implement system changes.
Explanation:
An Information System Security Officer (ISSO) plays the role of a supporter. The
responsibilities of an Information System Security Officer (ISSO) are as follows: Manages the
security of the information system that is slated for Certification & Accreditation (C&A). Insures the
information systems configuration with the agency’s information security policy. Supports the
information system owner/information owner for the completion of security-related responsibilities.
Takes part in the formal configuration management process. Prepares Certification & Accreditation
(C&A) packages. An Information System Security Engineer (ISSE) plays the role of an advisor.
The responsibilities of an Information System Security Engineer are as follows:
Provides view on the continuous monitoring of the information system. Provides advice on the
impacts of system changes. Takes part in the configuration management process. Takes part in
the development activities that are required to implement system changes. Follows approved
system changes.