The position of Information and Communication Technology Security Officer (ICTSO) is held by the Director of the Digital and Information Technology Division (BDTM), Public Services Department (JPA).
The roles and responsibilities of ICTSO are as follows:
- Chairing the ICT Security Committee (JKICT);
- Enforcing the implementation of JPA ICT Security Policies across all departments within JPA;
- Ensuring risk management and ICT security audits are conducted according to the Public Sector Cyber Security Framework (RAKKSSA) and JPA ICT Security Policies;
- Recommending reinforcement measures to comply with JPA ICT security policies;
- Reporting ICT security incidents to the National Cyber Security Agency (NACSA) and assisting in investigations or recovery efforts;
- Ensuring the implementation of ICT security awareness programs;
- Providing and disseminating appropriate warnings regarding potential ICT security threats and offering advisory services and recovery measures;
- Reporting ICT security incidents to the Chief Digital Officer (CDO) for incidents requiring Business Continuity Management (BCM);
- Ensuring compliance with JPA ICT Security Policies by external parties providing ICT services to JPA for procurement, installation, maintenance, etc.;
- Reviewing, analysing, and preparing reports related to ICT security issues;
- Ensuring JPA ICT Security Policies are updated in accordance with departmental directives, current regulations, technological changes, as well as internal and external threats; and
Ensuring that the JPA Digitalization Strategic Plan (PSP) includes ICT security aspects.