The CISO's responsibilities in recent years have shifted from the administration of IT security tools to complex risk management. The head of information security is more than ever involved in development and maintaining security-related processes across the organization. On one hand, the CISO must lead a team of security experts, prioritize risks and allocate resources. On the other hand, the CISO must supervise the integration of IT systems development with information protection policies.