Senior IRM Official
Senior IRM Official
Copyright(c), 1995 - Management Analytics - All Rights Reserved
Each operating unit Senior IRM Official shall
conduct an IT security program that ensures appropriate and adequate
levels of protection for all IT systems within the operating unit. The
Senior IRM official shall:
- 1. Be the DAA for all sensitive systems within their
organization. This approval authority may only be
delegated to a senior management official of a
subordinate organizational unit, if that official does
not have direct control over the IT system being
accredited. Delegation of accreditation authority must
be requested and approved in advance by the DOC
Director for IRM.
- 2. Assure ownership is assigned for all IT resources
within the operating unit (i.e., hardware, software,
data, telecommunications, etc.).
- 3. Appoint an ITSO and alternate for the operating unit.
This individual, or alternate, should have the staff
responsibility for the operating unit IT security
program.