This Information Security Handbook provides a broad overview of information security program elements to assist managers in understanding how to establish and implement an information security program. Purpose and Applicability The purpose of this publication is to inform members of the information security management team (agency heads; chief information officers [CIOs]; senior agency information security officers [SAISOs], also commonly referred to as Chief Information Security Officers [CISOs]; and security managers) about various aspects of information security that they will be expected to implement and oversee in their respective organizations.