May 17, 2023
The information security risk manager is a subject matter expert (SME) who assesses cybersecurity and technology risks against established frameworks, standards, policies and methodologies. As a risk assessment SME, the individual reviews and recommends controls and best practices, and continually evaluates risk exposure and tolerance as defined by business leaders and external entities. The role also reviews and documents deficiencies, advocates for change and, when appropriate, escalates issues to senior leadership. Information security risk managers report continuously on the state of risk, providing visibility and helping business leaders and risk managers understand where risk resides and where improvements must be made to protect the business. Such reporting includes adherence to regulations and industry guidelines, as well as corporate risk acceptance. The risk manager focuses on third-party risk, as well as risks within internal and business-controlled areas...
Insight Global
Greenville, SC, USA