Job description of a bank information security specialist. Job description of a specialist in ensuring information security in key information infrastructure systems

1. GENERAL PROVISIONS

1.1. This job description defines the functional duties, rights and responsibilities of the Information Security Engineer.

1.2. The information security engineer is appointed to the position and dismissed from the position in the established current labor law by order of the director of the enterprise.

1.3. The Information Security Engineer reports directly to ____________________.

1.4. A person who has:

1.4.1. Qualification requirements. Higher vocational (technical) education without presenting requirements for work experience or secondary vocational (technical) education and work experience as an information security technician of category I for at least 3 years or other positions filled by specialists with secondary vocational education, not less than 5 years.

1.5. The information security engineer must know:

— resolutions, orders, orders, methodological and regulatory materials on issues related to ensuring the technical protection of information

– specialization of the enterprise and features of its activities

— methods and means of obtaining, processing and transmitting information

— scientific, technical and other specialized literature on the technical support of information security

— technical means of information protection

— software and mathematical means of information protection

- order of registration technical documentation on information protection

— channels of possible information leakage

— methods of analysis and protection of information

— organization of work on information protection

- instructions for compliance with the mode of conduct special works

- domestic and Foreign experience in the field of technical intelligence and information protection

— fundamentals of economics, organization of production, labor and management

— fundamentals of labor law

- Rules and norms of labor protection.

1.6. During the period of temporary absence of the Information Security Engineer, his duties are assigned to ___________________________.

2. FUNCTIONAL RESPONSIBILITIES

2.1. The functional responsibilities of the Information Security Engineer are determined on the basis and to the extent qualification characteristic by the position of Information Security Engineer and can be supplemented, clarified when preparing the job description based on specific circumstances.

2.2. Information Security Engineer:

2.2.1. Performs work on the design and implementation of special technical and software-mathematical means of information protection, ensuring organizational and engineering protection measures information systems, conducts research in order to find and select the most appropriate practical solutions within the limits of the task.

2.2.2. Carries out the selection, study and generalization of scientific and technical literature, regulatory and methodological materials on technical means and methods of information protection.

2.2.3. Participates in the review of draft technical specifications, plans and schedules for the technical protection of information, in the development of the necessary technical documentation.

2.2.4. Compiles calculation methods and programs for experimental research on the technical protection of information, performs calculations in accordance with the developed methods and programs.

2.2.5. Conducts comparative analysis research and test data, studies possible sources and channels of information leakage.

2.2.6. Carries out the development technical support information security systems, Maintenance means of information protection, takes part in the preparation of recommendations and proposals for improving and increasing the efficiency of information protection, in writing and designing sections of scientific and technical reports.

2.2.7. Compiles information reviews on the technical protection of information. Performs operational tasks related to ensuring control technical means and mechanisms of the information security system, participates in audits of institutions, organizations and enterprises to comply with the requirements of regulatory and technical documentation for information security, in the preparation of reviews and opinions on regulatory teaching materials and technical documentation.

2.2.8. Prepares proposals for concluding agreements and contracts with other institutions, organizations and enterprises providing services in the field of technical means of information protection, draws up applications for necessary materials, equipment, appliances.

2.2.9. Participates in the certification of objects, premises, technical means, programs, algorithms for compliance with the requirements of information security for the relevant security classes.

2.2.10. Conducts control checks of the operability and efficiency of existing systems and technical means of information protection, draws up and draws up acts control checks, analyzes the results of inspections and develops proposals for improving and increasing the effectiveness of the measures taken.

2.2.11. It studies and summarizes the experience of other institutions, organizations and enterprises on the use of technical means and methods of protecting information in order to increase efficiency and improve work on its protection and the preservation of state secrets.

2.2.12. Performs work on time at a high scientific and technical level, observing the requirements of instructions on the mode of work.

3.1. The information security engineer has the right to:

3.1.1. _________________________________________________________.

3.1.2. _________________________________________________________.

3.1.3. _________________________________________________________.

3.1.4. _________________________________________________________.

3.1.5. _________________________________________________________.

4. RESPONSIBILITY

4.1. The information security engineer is responsible for:

4.1.1. Failure to fulfill their functional duties.

4.1.2. Inaccurate information about the status of the received tasks and instructions, violation of the deadlines for their execution.

4.1.3. Failure to comply with orders, orders of the director of the enterprise, instructions and tasks of the head of the department.

4.1.4. Violation of the Rules of the internal work schedule, fire safety rules and safety regulations established at the enterprise.

5. WORKING CONDITIONS

5.1. The work schedule of the Information Security Engineer is determined in accordance with the Internal Labor Regulations established at the enterprise.

5.2. In connection with the production need, the Information Security Engineer may be sent on business trips (including local ones).

General provisions

1. This job description is the main regulatory and organizational document that establishes the functions, rights and obligations, responsibilities of the Information Security Specialist, regulating the organization of his activities, the procedure for business interaction with officials of structural divisions of Russian Standard Bank CJSC.

2. This job description is a document of direct action, comes into force from the date of approval and is mandatory for the employee from the moment of familiarization against signature.

3. Renaming, liquidation of the position of the Information Security Specialist, appointment to the position and dismissal from the position held are carried out by order of the head of the information and technical protection department of Russian Standard Bank CJSC.

4. Specialist in information security Reports directly to the Head of Product Formation, Pricing and Sales Model Management.

5. The Information Security Specialist has no subordinates.

Goals and official duties

The activities of the Information Security Specialist are aimed at achieving the following goals:

1.1 Ensuring the confidentiality of price information at the stage of its transmission from the accounting system to the client through the electronic order server;

1.2Support for software tools for controlling external price information.

2. To achieve the established goals, the Information Security Specialist performs the following duties:

2.1Produces the development of new and technical support for existing software to protect the price information of the Company's sales divisions;

2.2 Development of new and technical support for existing software tools for monitoring price information received from regional markets and used for pricing purposes;

2.3Advises Information Technology Specialists of the Company's sales divisions on the functioning of the means of protection and control of price information;

2.4 Forms proposals for changing the principles of control and protection of price information used in the JV of the Company.

Performance evaluation indicators

The performance of the Client Marketing Specialist is evaluated on the basis of the following indicators:

1. Timely and high-quality execution of all procedures to ensure control and protection of price information of the JV Company.

2.Compliance established order and the timing of the preparation of reports in the entrusted direction.

3. Ensuring the implementation of plans for gross income.

4. High-quality and timely execution of tasks and functions outlined in this job description.

General corporate norms

The activities of the Information Security Specialist are governed by general corporate standards, reflected in the following documents:

13 Real Job description.

An information security specialist has the following rights necessary to perform his functional duties:

1. Receive information necessary for the implementation of its activities from all structural divisions and officials of Russian Standard Bank CJSC within its competence.

2. Submit proposals to senior management on issues related to their competence.

3. Provide methodological instructions and explanations to the employees of Russian Standard Bank CJSC within the framework of their functional duties.

4. Take initiatives aimed at improving the quality of their work, the work of the department, the department as a whole.

Responsibility

An information security specialist is personally liable to the head of the information and technical protection department of Russian Standard Bank CJSC for failure to perform or improper performance of his functional duties in achieving the established goals, as well as improper use of the rights granted to him:

In accordance with the current labor legislation of the Russian Federation, internal regulatory documents, an employment contract, the employee bears disciplinary responsibility;

In accordance with the agreement on full individual liability, the employee bears material liability.

Requirements for an employee when applying for a job

Glossary of special terms and abbreviations

The instruction fully reflects the content and specifics of the activities of this official.

Type sample

I approve

___________________________________ (initials, surname)
(name of company, __________________________
enterprise, etc., his (director or other
legal form) executive,
authorized to approve
job description)

"" ____________ 20__

Job description
information security specialist

______________________________________________
(name of organization, enterprise, etc.)

"" ______________ 20__ N_________

This job description has been developed and approved for
basis employment contract with __________________________________________
(name of the position of the person for whom
______________________________________________________ and in accordance with
this job description has been drawn up)
provisions Labor Code Russian Federation and other regulatory
acts regulating labor relations in the Russian Federation.

I. General provisions

1.1. Information Security Specialist belongs to the category
specialists, is hired and fired from it by order
the head of the enterprise on the proposal of the head of the protection department
information.
1.2. For the position of an information security specialist of the 1st category
a person is appointed who has a higher professional (technical)
education and work experience as an information security specialist II
categories of at least ______ years; as a security specialist
information category II - a person with a higher professional
(technical) education and work experience as a security specialist
information or other positions filled by specialists with higher
vocational education, at least _________ years; for the position
information security specialist - a person who has a higher professional
(technical) education, without presenting requirements for work experience.
1.3. The Information Security Officer reports directly to
________________________________________________________________________.
1.4. In his work, an information security specialist
guided by:
- legislative and regulatory documents on issues
ensuring the protection of information;
- methodological materials related to relevant issues;
- the charter of the enterprise;
- labor regulations;
- orders and orders of the director of the enterprise
(immediate supervisor);
- this job description.
1.5. The Information Security Specialist should know:
- legislative acts, normative and methodological materials on
issues related to ensuring the protection of information;
- specialization of the enterprise and features of its activity;
- production technology in the industry;
- equipping computer centers with technical means,
prospects for their development and modernization;
- a system for organizing the comprehensive protection of information operating in
industries;
- methods and means of monitoring protected information, identifying channels
information leaks, organization of technical intelligence;
- methods of planning and organization of protection works
information and ensuring state secrets;
- technical means of control and protection of information, prospects and
directions for their improvement;
- methods for conducting special studies and inspections, works on
protection of technical means of transmission, processing, display and storage
information;
- the procedure for using abstract and reference and information
publications, as well as other sources of scientific and technical information;
- achievements of science and technology in the country and abroad in the field of
technical intelligence and information protection;
- methods and means of performing calculations and computational work;
- fundamentals of economics, organization of production, labor and management;
- fundamentals of the labor legislation of the Russian Federation;
- rules and regulations of labor protection, safety measures,
industrial sanitation and fire protection;
- _________________________________________________________________.
1.6. During the absence of an information security specialist
(business trip, vacation, illness, etc.) his duties are performed by a person
assigned in due course. This person acquires
relevant rights and is responsible for the proper implementation
the duties assigned to him.

II. Functions

The Information Security Specialist is responsible for the following:
2.1. Ensuring comprehensive information protection, compliance
state secret.
2.2. Participation in the survey, certification and categorization of objects
protection.
2.3. Development of organizational and administrative documents,
regulating the work on the protection of information.
2.4. Determining the need for technical means of protection and
control.
2.5. Requirements check normative documents for the protection
information.

III. Job Responsibilities

In order to perform the functions assigned to him, the protection specialist
information must:
3.1. Perform complex work related to the provision of integrated
information protection based on the developed programs and methods, compliance with
state secret.
3.2. Collect and analyze materials from institutions, organizations and
enterprises of the industry in order to develop and adopt decisions and measures to
ensuring the protection of information and efficient use funds
automatic control, detection of possible channels of information leakage,
representing state, military, official and commercial secrets.
3.3. Analyze existing methods and the means used to
control and protection of information, and develop proposals for their
improving and increasing the effectiveness of this protection.
3.4. Participate in the inspection of objects of protection, their certification and
categorization.
3.5. Develop and prepare for approval draft normative and
methodological materials regulating the work on information protection, and
as well as regulations, instructions and other organizational and administrative
documents.
3.6. Organize the development and timely submission
proposals for inclusion in the relevant sections of promising and
current work plans and programs of measures to control and protect information.
3.7. Give feedback and opinions on projects of newly built and
reconstructed buildings and structures and other developments on
ensuring the protection of information.
3.8. Participate in the review of technical specifications for
design, draft, technical and working projects, provide them
compliance with applicable regulatory and methodological documents, as well as in
developing new circuit diagrams control equipment, facilities
automation of control, models and systems of information security, assessment
technical and economic level and efficiency of the proposed and implemented
organizational and technical solutions.
3.9. Determine the need for technical means of protection and
control, draw up applications for their purchase with the necessary
justifications and calculations for them, control their delivery and
usage.
3.10. To check compliance with the requirements of intersectoral and
industry regulatory documents on information security.

IV. Rights

The information security specialist has the right to:
4.1. Get acquainted with the draft decisions of the company's management,
relating to his activities.
4.2. Submit proposals for consideration by management
improvement of the work related to the duties stipulated
this instruction.
4.3. Receive from the heads of structural divisions,
information and documents necessary for the performance of their
official duties.
4.4. Involve specialists from all structural divisions
enterprise to solve the duties assigned to it (if it is
provided for in the structural divisions if not, with
permission of the head of the enterprise).
4.5. Require the management of the enterprise to assist in
performance of their duties and rights.

V. Responsibility

The Information Security Specialist is responsible for:
5.1. For failure to perform (improper performance) of their official
duties set out in this job description
within the limits determined by the labor legislation of the Russian Federation.
5.2. For those committed in the course of carrying out their activities
offenses - within the limits determined by administrative, criminal and
civil legislation of the Russian Federation.
5.3. For causing material damage - within the limits determined
labor, criminal and civil legislation of the Russian Federation.

The job description was developed in accordance with ________________
(Name,
_____________________________.
document number and date)

Head of structural (initials, surname)
subdivisions _________________________
(signature)

"" _____________ 20__

Agreed:

Head of the legal department

(initials, surname)
_____________________________
(signature)

"" ________________ 20__

I am familiar with the instruction: (initials, surname)
_________________________
(signature)

Job description and job responsibilities of the chief information security specialist.

1. GENERAL PROVISIONS

1.1. This job description defines the functional duties, rights and
responsibility of the Chief Information Security Specialist of the enterprise (options: OJSC,
CJSC, LLC, institution, organization).
1.2. Chief Specialist for the protection of information is appointed to the position and dismissed
from office in accordance with the procedure established by the current labor legislation by order
enterprise director.
1.3. The Chief Information Security Officer reports directly to the Director
enterprises (options: OJSC, CJSC, LLC, institutions, organizations).
1.4. A person is appointed to the position of Chief Information Security Officer,
having a higher professional (technical) education and work experience in defense
information.
1.5. The Chief Information Security Officer must know:
- legislative and regulatory legal acts on the state (service,
commercial) secret; regulatory and methodological materials on issues related to
ensuring the protection of information; development prospects, specialization and directions
activities of an institution, organization, enterprise (options: OJSC, CJSC, LLC, institutions,
organization) and its divisions; the nature of the interaction of departments in the process
economic activity enterprises (options: OJSC, CJSC, LLC, institutions, organizations)
and the procedure for passing service information; complex protection organization system
information valid at the enterprise (options: OJSC, CJSC, LLC, institution,
organizations); prospects and directions for the development of technical and software-mathematical
means of information protection; methods and means of control of protected information, detection
information leakage channels, organization of technical intelligence; planning methods and
organization of scientific research, development, performance of works on protection
information; the procedure for concluding contracts for special studies and
checks, works on protection of technical means of transmission, processing, display and storage
information; domestic and foreign experience in the field of technical intelligence and protection
information; fundamentals of economics, organization of production, labor and management; rules and regulations
labor protection.
1.6.

During the temporary absence of the Chief Information Security Specialist, his
Responsibilities are assigned to _________________.
FUNCTIONAL RESPONSIBILITIES

Note.

Functional responsibilities of the Chief Information Security Specialist
determined on the basis and in the scope of the qualification characteristics for the position of the Chief
information security specialist and can be supplemented, clarified in the course of preparation
job description based on specific circumstances.
Manages the implementation of work on comprehensive information protection in the industry,
enterprise, (options: OJSC, CJSC, LLC, institution, organization), providing effective
application of all available organizational and engineering measures for protection,
constituting a state secret.
2.2. Participates in the development of technical policy and development prospects
technical means of control, organizes the development and implementation of new technical and
software and mathematical means of protection, excluding or significantly complicating
unauthorized access to official information constituting official,
state or commercial secrets.
2.3. Participates in the review of technical specifications for product designs, scientific and
research and development work subject to protection is carried out by
control over the inclusion in them of the requirements of normative-technical and methodological documents on
information security and compliance with these requirements.
2.4. Prepares proposals for inclusion in the plans and work programs of organizational and
engineering and technical measures to protect information systems.
2.5. Participates in the development of secure information technologies, corresponding
requirements of complex information protection.
2.6. Organizes research work in the field of improvement
information security systems and increase their efficiency.
2.7. Performs the whole complex (including especially complex) works related to the control and
protection of information, based on the developed programs and methods.
2.8. Organizes the collection and analysis of materials on possible channels of information leakage, including
including through technical channels, when conducting research and development related to
creation and production of special products (products) necessary for carrying out
work to ensure the protection of information.
2.9. Provides coordination of ongoing organizational and technical measures,
development of methodological and regulatory materials and provision of the necessary methodological
assistance in carrying out work to protect information, assess the technical and economic
the effectiveness of the proposed and implemented organizational and technical solutions.
2.10. Organizes the collection and systematization necessary information about the objects
subject to protection, and protected information, provides methodological guidance and
control over the work on the assessment of the technical and economic level and efficiency
developed measures to protect information.
2.11. Leads the work on summarizing data on the need for technical and software
mathematical means of information security, control equipment, drawing up applications for
the production of these funds, organizes their receipt and distribution among the objects of protection.
2.12. Promotes the dissemination of best practices and the introduction of modern
organizational and technical measures, means and methods of information protection in order to increase their
efficiency.
2.13. Provides control over compliance with the requirements of regulatory and technical
documentation, compliance with the established procedure for performing work, as well as the current
legislation in dealing with issues related to the protection of information.
2.14. Coordinates the activities of divisions and specialists in information security in
industry, enterprise, institution, organization.

3. RIGHTS

The Chief Information Security Officer has the right to:
3.1. Give instructions to employees and services subordinate to him, tasks on a range of issues,
included in his functional responsibilities.
3.2. Control the implementation of planned tasks and work, timely completion
individual assignments and assignments of services subordinate to him.
3.3. Request and receive the necessary materials and documents related to the issues
activities of the Chief Information Security Specialist, his subordinate services and
divisions.
3.4. Enter into relationships with departments of third-party institutions and organizations
to solve operational issues production activities within the competence
chief information security officer.
3.4. Represent the interests of the company in third-party organizations on issues,
related to the production activities of the enterprise.

4. RESPONSIBILITY

The Chief Information Security Officer is responsible for:
4.1. The results and efficiency of the production activities of the enterprise in terms of
compliance with information security measures.
4.2. Failure to ensure the performance of their functional duties, as well as work
subordinated to him services of the enterprise on issues of production activities.
4.3. Inaccurate information about the status of execution of work plans of subordinate services.
4.4. Failure to comply with orders, instructions and instructions of the director of the enterprise (options:
OJSC, CJSC, LLC, institutions, organizations).
4.5. Failure to take measures to suppress identified violations of safety regulations,
fire and other rules that pose a threat to the activities of the enterprise, its
employees.
4.6. Failure to ensure compliance with labor and performance discipline by employees
subordinate services and personnel subordinate to the Chief Security Specialist
information.

5. RIGHT TO SIGN. WORKING CONDITIONS

5.1. The exclusive scope of the Chief Information Security Officer
is to ensure the planning and organization of the production activities of the enterprise.
5.2. To the Chief Information Security Specialist to ensure his activities
the right to sign organizational and administrative documents on issues,
within its functional responsibilities.
5.3. The mode of operation of the Chief Information Security Officer is determined in
in accordance with the Internal Labor Regulations established at the enterprise.
5.4. Due to production needs, Chief Security Specialist
information can travel on business trips (including local).
5.5. To solve operational issues to ensure production activities,
The chief information security specialist may be allocated a company vehicle.

AGREED:

Job description and job responsibilities

chief information security officer.

1. GENERAL PROVISIONS

1.1. This job description defines the functional duties, rights and responsibilities of the Chief Information Security Specialist of the enterprise (options: OJSC, CJSC, LLC, institution, organization).

1.2. The chief information security specialist is appointed to the position and dismissed in accordance with the procedure established by the current labor legislation by order of the director of the enterprise.

1.3. The chief information security specialist reports directly to the director of the enterprise (options: OJSC, CJSC, LLC, institutions, organizations).

1.4. A person with a higher professional (technical) education and work experience in information security is appointed to the position of Chief Information Security Specialist.

1.5. The Chief Information Security Officer must know:

— legislative and regulatory legal acts on state (official, commercial) secrets; regulatory and methodological materials on issues related to information security; development prospects, specialization and activities of an institution, organization, enterprise (options: OJSC, CJSC, LLC, institutions,
organization) and its divisions; the nature of the interaction of divisions in the course of the economic activity of the enterprise (options: OJSC, CJSC, LLC, institutions, organizations) and the procedure for passing official information; complex protection organization system
information valid at the enterprise (options: OJSC, CJSC, LLC, institution, organization); prospects and directions of development of technical and software-mathematical means of information protection; methods and means of control of protected information, detection
information leakage channels, organization of technical intelligence; methods of planning and organization of scientific research, development, performance of work on information protection; the procedure for concluding contracts for special studies and inspections, work on the protection of technical means of transmission, processing, display and storage
information; domestic and foreign experience in the field of technical intelligence and information protection; fundamentals of economics, organization of production, labor and management; rules and regulations
labor protection.

1.6. During the temporary absence of the Chief Information Security Specialist, his duties are assigned to ___________________.

2. FUNCTIONAL RESPONSIBILITIES

Note. The functional responsibilities of the Chief Information Protection Specialist are determined on the basis and to the extent of the qualification characteristics for the position of the Chief Information Protection Specialist and can be supplemented, clarified when preparing the job description based on specific circumstances.

2.1. Manages the implementation of work on the integrated protection of information in the industry, at the enterprise (options: OJSC, CJSC, LLC, institution, organization), ensuring the effective application of all available organizational and engineering measures for protection,
constituting a state secret.

2.2. Participates in the development of technical policy and determination of prospects for the development of technical means of control, organizes the development and implementation of new technical and software-mathematical means of protection that exclude or significantly impede unauthorized access to official information constituting an official, state or commercial secret.

2.3. Participates in the review of technical specifications for product designs, research and development work to be protected, monitors the inclusion in them of the requirements of regulatory, technical and methodological documents on
information security and compliance with these requirements.

2.4. Prepares proposals for inclusion in the plans and work programs of organizational and engineering measures to protect information systems.

2.5. Participates in the creation of secure information technologies that meet the requirements of comprehensive information protection.

2.6. Organizes research work in the field of improving information security systems and increasing their efficiency.

2.7. Performs the whole complex (including especially complex) of work related to the control and protection of information, based on the developed programs and methods.

2.8. Organizes the collection and analysis of materials on possible channels of information leakage, including through technical channels, in the course of research and development related to the creation and production of special products (products) necessary for carrying out
work to ensure the protection of information.

2.9. Ensures the coordination of ongoing organizational and technical measures, the development of methodological and regulatory materials and the provision of the necessary methodological assistance in carrying out work on protecting information, assessing the technical and economic
the effectiveness of the proposed and implemented organizational and technical solutions.

2.10. Organizes work on the collection and systematization of the necessary information about the objects to be protected and protected information, provides methodological guidance and control over the work on assessing the technical and economic level and effectiveness of the developed information protection measures.

2.11. Leads the work on summarizing data on the need for technical and software-mathematical means of protecting information, control equipment, drawing up applications for the manufacture of these means, organizing their receipt and distribution among the objects of protection.

2.12. Promotes the dissemination of best practices and the introduction of modern organizational and technical measures, means and methods of information protection in order to increase their effectiveness.

2.13. Provides control over compliance with the requirements of regulatory and technical documentation, compliance with the established procedure for performing work, as well as the current legislation when resolving issues related to information security.

2.14. Coordinates the activities of departments and specialists in information security in the industry, at the enterprise, in the institution, organization.

3. RIGHTS

The Chief Information Security Officer has the right to:

3.1. To give instructions to subordinate employees and services, tasks on a range of issues included in his functional duties.

3.2. Control the implementation of planned targets and work, the timely execution of individual orders and tasks of subordinate services.

3.3. Request and receive the necessary materials and documents related to the activities of the Chief Information Security Specialist, his subordinate services and divisions.

3.4. Enter into relationships with departments of third-party institutions and organizations to resolve operational issues of production activities that fall within the competence of the chief information security specialist.

3.4. Represent the interests of the enterprise in third-party organizations on issues related to the production activities of the enterprise.

4. RESPONSIBILITY

The Chief Information Security Officer is responsible for:

4.1. The results and efficiency of the enterprise's production activities in terms of compliance with information security measures.

4.2. Failure to ensure the fulfillment of their functional duties, as well as the work of the enterprise's subordinate services on issues of production activities.

4.3. Inaccurate information about the status of execution of work plans of subordinate services.

4.4. Failure to comply with orders, orders and instructions of the director of the enterprise (options: OJSC, CJSC, LLC, institutions, organizations).

4.5. Failure to take measures to suppress the identified violations of safety regulations, fire safety and other rules that pose a threat to the activities of the enterprise, its employees.

4.6. Failure to ensure compliance with labor and performance discipline by employees of subordinate services and personnel subordinate to the Chief Information Security Specialist.

5. RIGHT TO SIGN. WORKING CONDITIONS

5.1. The exclusive area of ​​activity of the Chief Information Security Specialist is to ensure the planning and organization of the production activities of the enterprise.

5.2. To ensure his activities, the chief information security specialist is given the right to sign organizational and administrative documents on issues that are part of his functional duties.

5.3. The mode of operation of the Chief Information Security Specialist is determined in accordance with the Internal Labor Regulations established at the enterprise.

5.4. Due to production needs, the Chief Information Security Specialist may go on business trips (including local ones).

5.5. To resolve operational issues related to the provision of production activities, the Chief Information Security Specialist may be assigned a company vehicle. The job description of the chief information security specialist has been developed in accordance with:
______________________________________

(name, number and date of the document)

The chief information security specialist is familiar with the job description: ___________ ___________

(signature) (full name)