
What is a System Security Officer, System Owner, and Information Owner?
Learn what these essential roles are for your system security plan.
Join our newsletter:
System Owner
According to the NIST glossary, a system owner is a person or organization having responsibility for the development, procurement, integration, modification, operation, and maintenance, and/or final disposition of an information system.
Information Owner
According to the NIST glossary, an information owner is an official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, collection, processing, dissemination, and disposal.
System Security Officer
According to the NIST glossary, an SSO is an individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program.