Information Security Office
Information Security is Everyone's Responsibility
The mission of the Information Security Office (ISO) is to support the goals of the Organization by providing leadership in assuring the confidentiality, integrity and availability of its information resources. The term "information resources" includes two different components: 1) the information itself such as data stored on computers, transmitted across networks, printed out or written on paper, sent by fax, stored on storage devices such as tapes, diskettes, hard disks and memory sticks or spoken in conversations or over the telephone; and 2) the processes, systems and networks that are used to create, collect and disseminate these types of information.
A major part of this mission involves protecting the information resources of the Organization, investigating unauthorized access to information and systems, monitoring compliance with all the procedures and policies with regard to the acceptable and proper use of information resources and raising awareness among all PAHO personnel about existing and potential risks to PAHO's information assets.Top
The Information Security Officer reports to the Director of Administration.Top
The ISO has the authority to enforce policies and procedures that have been issued on information security issues. The ISO has the responsibility to carry out investigations whenever information security incidents occur. Its role in investigations is limited to findings of fact. Decisions on any administrative or disciplinary action following the completion of an investigation are a management function and are taken by the Human Resources Manager, Director of Administration or Director.
The Information Security Office has complete access to information stored in all PAHO computer systems as well as to any other information required during the course of an investigation. It has a duty to protect the confidentiality of information to which it has access or brought to its attention and can only share this information with people who have a legitimate need to know.
The Information Security Office is accessible to all users of PAHO's information resources.Top
You should contact the Information Security Office to: