The Office of Information Security (OIS) is independent from network and information technology operations and is managed by the Chief Information Security Officer (CISO), who reports directly to the CIO. OIS establishes and maintains the enterprise vision, strategy, and program to ensure information assets and technology are adequately protected. As part of the ongoing service delivery, OIS provides leadership and oversight of a comprehensive state information security program which includes continuous monitoring, vulnerability scanning, focused assessments, security incident response coordination, physical security access services, and other operational security services for the Executive Branch. The OIS staff identifies, develops, implements, and maintains enterprise security processes to reduce information technology risk. The CISO directs response to incidents, establishes appropriate standards and controls, manages security technologies, and directs the establishment and implementation of policies and procedures. The CISO chairs the State Information Security Committee and is on the Nevada Commission on Homeland Security's Cyber Security Committee. Statutory Authority: NRS 242