Cyber Security Governance and Risk Management Lead

Role summary

Cyber Security Governance and Risk Management is the monitoring of compliance with agreed cyber security policies and the assessment and management of relevant risks.

Role expectations

At this role level, you will:

  • Independently undertake risk management activities within a given area of practice or expertise, usually within established security and risk management governance structures
  • Lead the analysis and derivation of business-supporting security needs, undertake Cyber Security related risk assessments, conduct tailored threat assessment and other
    risk management activities, and ensure activities are consistent with applicable regulations and legislation
  • Provide tailored advice to a range of stakeholders on how to remedy identified risks by proportionately applying security capabilities, using published guidance and standards,
    and drawing on a range of experts as well as personal expertise
  • Provide expert security advice that highlights Cyber Security related risks, so risk or service owners can make well-informed and auditable decisions

Accreditation skills

Accreditation level – Principal

For information on accreditation, see UK Cyber Security Council – Standard of Professional Competence and Commitment: Cyber Security Governance and Risk Management

Learning pathway

Certified in Risk and Information Systems Control (CRISC)
