system security plan

What is a System Security Officer, System Owner, and Information Owner?

Omer Aslim selfie
By: Omer Kaan Aslim
February 10, 2022
Learn what these essential roles are for your system security plan.

System Owner

According to the NIST glossary, a system owner is a person or organization having responsibility for the development, procurement, integration, modification, operation, and maintenance, and/or final disposition of an information system.

Information Owner

According to the NIST glossary, an information owner is an official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, collection, processing, dissemination, and disposal.

System Security Officer

According to the NIST glossary, an SSO is an individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program.

Discover Our NIST SP 800-171 Solutions:


Compliance Accelerator

For contractors seeking compliance

Quantum Assessor

For IT service providers

Supply Chain Verifier

For contractors seeking to verify partner compliance