The Corporate Information Security Working Group

	Log In

Search Options

Since approximately 85 percent of this nation’s critical infrastructure is owned or controlled by the private sector, it is important to improve the protection of corporate information systems from the threat of cyber attack and preserve the information assets that are stored in these systems. The primary responsibility for information security resides with the Board of Directors/Trustees in its role as keeper of the governance framework. Protecting information involves implementing information security principles, policies, and processes. It requires establishing performance standards and compliance metrics that support the framework and monitor whether or not information security is being effectively managed.

The Corporate Information Security Working Group (CISWG) convened in November 2003 by Adam Putnam, (R-FL) to encourage Board members, managers, and technical staff to become more aware of security and to understand at a broad level, the principles, policies, processes, and performance metrics that support the people, process, and technology aspects of information security. The objective of this working group was to encourage voluntary awareness of and commitment to Information Security in the private sector.

The Corporate Information Security Working Group

The Corporate Information Security Working Group was formed for the purpose of identifying strategies that would lead the private sector to voluntarily improve security over their systems and information assets. The recommendations of the Corporate Information Security Working Group address different factors that would encourage voluntary action by the private sector. Learn More>>