Why does the Office of Information Security want to know who is our agency Information Security Officer?

There are many reasons why the Office of Information Security (ISO) must know who the agency has designated as their Information Security Officer (OIS). First, it is important for the OIS to maintain a current list of agency ISO contacts because the OIS notifies the agency ISOs of important information on a frequent basis, such as critical software updates, vulnerabilities, or other types of threats that may require immediate action by state agencies.

It is also a good communication tool for notifying agency ISOs of upcoming events, such as quarterly ISO meetings, training, workshops, changes in state policy, and other important news. Finally, it provides the OIS and the California Highway Patrol (CHP) Computer Crimes Investigations Unit (CCIU) with the name and contact information for individuals who can be contacted about security incidents and work with us to resolve security issues within their agency. In an emergency, the OIS and the CHP CCIU may need to reach these individuals, so it is important to ensure the agency’s designations are kept current.