Information Security

Ensures the confidentiality, integrity, availability, reliability, and non-repudiation of the organization?s information contained in and transmitted from systems and networks by implementing security laws, regulations, policies, standards, and control techniques.

Key Behaviors:

  • Uses knowledge of continuity assurance principles, methods, and practices to plan, implement and ensure continuous service.
  • Assesses risks associated with vulnerable systems and information.
  • Considers privacy, security and accessibility of government websites.
  • Keeps up to date on standards and determines or recommends levels of security protection required to protect and close exposure/risk to systems and information, in accordance with organization and federal standards.
  • Uses the concepts of confidentiality, integrity and availability as applied to information systems security.
  • Implements cost effective methods to reduce risks to systems and information.
  • Reviews the types of and uses or recommends the most effective security controls as directed by Federal policies and procedures.
  • Ensures procedures for detecting, reporting and responding to security incidents are consistent with and follow standards and guidelines issued by applicable governing entities and regulations.
  • Identifies and evaluates resources needed to achieve acceptable levels of security and to remedy deficiencies based on system criticality and information sensitivity.
  • Reads and/or collaborates to clearly understand the implications of legislation, regulations and standards related to information assurance and security.

Developmental opportunities for this competency are available from the NIH Training Center.