Domestic Information Systems Security Officer

Overview
The Domestic Information Systems Security Officer (DISSO) is

"
 * (1) Provides desktop security support and fulfills “in-scope” information systems security officer (ISSO) as defined in 1 FAM 275.4-3;
 * (2) Performs in-scope ISSO roles and responsibilities for domestic consolidated bureaus which include:
 * (a) Establishing enterprise policy, processes and procedures in compliance with DOS desktop security guidelines;
 * (b) Administrating access control/user accounts to include file permissions;
 * (c) Performing desktop incident handling to include incident response, computer incident response team's (CIRT) litigation and remediation requests;
 * (d) Executing desktop security audits to include random security scans;
 * (e) Managing software download request authorizations;
 * (f)  Monitoring data transfer requests to include authorizing transfers to and from CDs, DVDs and other removable media;
 * (g) Providing training and education to include performing security briefings as well as informing users of Department of State security best practices; and
 * (h) Responsibility for maintaining requirements for all desktops and providing desktop security guidance to all users within bureaus that have fully consolidated—as defined by the respective master service level agreement (SLA) for each consolidated bureau and ISSO appointment memo.
 * (3) Works closely with “out-of-scope” ISSOs whose roles and responsibilities include:
 * (a) Performing certification and accreditation requirements;
 * (b) Managing “out-of-scope” applications and servers;
 * (c) Performing routine security audits for out-of-scope server functions; and
 * (d) Regulating physical security.