Target audience roles and responsibilities
Key roles include:
- Management: Approve security and privacy deliverables and ensure resourcing.
- System owners: Classify data, approve risk treatment, and ensure compliance.
- Project managers: Include security tasks in plans and enforce deliverables.
- Security expert: Lead threat/risk assessments, reviews, and testing.
- Developers: Implement secure code and remediate findings.
- System administrator: Apply configurations, patching, and continuous monitoring.
- Database administrators: Secure, manage, and monitor databases to protect and maintain data.