Responsible for protecting the organization’s computers, networks and information against threats, such as security breaches, computer viruses or attacks by cyber-criminals. Protect against any loss of confidential information. Security Assessment: asses the organization’s security measures, such as firewalls, anti-virus software; passwords, and other to identify any weak points that might make systems and information vulnerable to attack or improper disclosure. Plan and carry out simulated attacks to test the efficiency of security measures. Prioritize security coverage to ensure that strategically important data, such as patient, employee, and other information receives the highest levels of protection. Security Policies and Procedures: minimize risk by maintaining existing and developing new required policies and procedures;   promote secure systems and data access and protection practices. Manage the various levels of systems and data access given to employees based on job function. Provide training for employees, explaining security risks and demonstrating good practices, such as using strong passwords and protecting data when using mobile devices outside the office, and a variety of other best practices. Monitor and Review: set up procedures and automated processes to monitor the status and access of computers, networks, and protected information. Respond quickly to determine the cause and deal with any detected threats. Analyze reports generated by the monitoring systems to identify trends that might indicate a future risk. Coordinate the review of the established security safeguards to ensure compliance with federal and state security regulations.