Cyber security must be a priority for project and operations teams from the outset. This includes setting clear roles and responsibilities for both the team and stakeholders.
This should be carried out by someone with the appropriate skills or qualifications, consulting the team in the process. This is usually a Senior Responsible Officer (SRO).
SROs make risk-based decisions throughout digital service and infrastructure lifecycles to ensure security. This covers services and infrastructure built by the department as well as those supplied by vendors.
Secure by Design encourages teams to work together to spot and manage risks. It also enables:
- ownership of specific security activities
- identification of skills required within the team
- identification of gaps in knowledge
- personal responsibility for mitigating risk