Information Security Officer role has grown greatly in recent years Head in response to security threats and the challenging business environment. A good risk management methodology should take into account company-specific information security needs as well as legal and regulatory requirements. This also explains the process of key management system that should be included in the ISMS. Chief Information Security Officer bombarded with huge challenges every day, from recommending security applications for strategic thinking and business innovation. This guide describes the hard and soft skills that success requires a CISO: not only a good knowledge of information security, but also attributes such as flexibility and communication skills.