Which of the following statements are true about ISSO and ISSE?

The Information System Security Officer (ISSO) and Information System Security Engineer (ISSE) play the role of a supporter and advisor, respectively. Which of the following statements are true about ISSO and ISSE? Each correct answer represents a complete solution. Choose all that apply.

The Information System Security Officer (ISSO) and Information System Security Engineer (ISSE) play the role of a supporter and advisor, respectively. Which of the following statements are true about ISSO and ISSE? Each correct answer represents a complete solution. Choose all that apply.

A.
An ISSE provides advice on the continuous monitoring of the information system.

B.
An ISSE provides advice on the impacts of system changes.

C.
An ISSE manages the security of the information system that is slated for Certification & Accreditation (C&A).

D.
An ISSO takes part in the development activities that are required to implement system changes.

E.
An ISSO manages the security of the information system that is slated for Certification & Accreditation (C&A).

Explanation:

An Information System Security Engineer (ISSE) plays the role of an advisor. The responsibilities of an Information System Security Engineer are as follows:
Provides view on the continuous monitoring of the information system.
Provides advice on the impacts of system changes.
Takes part in the configuration management process.
Takes part in the development activities that are required to implement system changes.
Follows approved system changes.

Reference: FISMA Certification & Accreditation Handbook, Contents: "Understanding the Certification and Accreditation Process"



Leave a Reply 0

Your email address will not be published. Required fields are marked *