4-2.3 Roles and Responsibilities

 

Roles

Responsibilities

Executive sponsor

Ensures completion of Phase 2 activities.

Business Relationship Management portfolio manager

Provides guidance and assistance.

ISSR

Supports executive sponsor and Business Relationship Management portfolio manager as requested.

ISSO

Facilitates meetings of the C&A core team.

Coordinates completion of BIA.

Provides advice and consulting support to executive sponsors and Business Relationship Management portfolio managers regarding the baseline security requirements that apply to all information resources and the additional security requirements required to protect sensitive-enhanced, sensitive, and critical information resources.

Coordinates with the Privacy Office on privacy-related requirements.

Recommends additional security requirements to executive sponsors and Business Relationship Management portfolio managers based on threats, vulnerabilities, and generally accepted industry practices.

Privacy Office

Reviews Privacy Impact Assessment and approves determination of sensitivity.

Development Team

Completes Application Characterization, BIA, updates POA&M, updates EIR, and keeps C&A core team informed of progress.