Chief Security Officer (CSO) will be used as the generic term to signify the most senior security professional at an organization. Factors to consider when determining the most senior security professional include, inter alia, control of security budget, direct upward reporting relationship to a non-security executive, and ultimate authority over security policies and procedures.
I. Applicants must be members of ASIS International, though they may apply to both ASIS and the CSO Center simultaneously.
II. Security professionals are eligible to become CSO-level members if they are the highest-level security professional in their organization (i.e. do not report to a security executive), have the scope of responsibilities and authority commensurate with a senior leader as specified above, and work:
(a) a corporation with at least US $500 million in gross annual revenue or equivalent in another currency, or at a business unit, division, region, or subsidiary of a corporation, provided that the business unit, division, region, or subsidiary has at least US $300 million in gross annual revenue; or
(b) at a company that provides security services as its principal business and has at least US$300 million in gross annual revenue*,
(c) at a significant government (local/provincial/state/federal/international, etc.) department and agency, or
(d) at a significant not-for-profit or non-profit organization, or
(e) at another business, agency, facility, or organization deemed to have distinctive and notable global or national significance.
III. Factors that may determine eligibility pursuant to II© above include, but are not limited to:
(a) number of reporting levels between the CSO and the head of the entire department/independent agency
(b) whether the head of the agency/department must be confirmed by the U.S. Senate, or analogous situations outside of the United States (agency/department heads who must be confirmed presumptively meet the requirement for an eligible government organization)
(c) size, scope, and influence of the department/agency (iv) number of titular CSOs in the same position (e.g. U.S. State Department RSOs, regional FBI CSOs, etc.), with a multiplicity of CSOs in the same position weighing against eligibility.
IV. Factors that may determine eligibility pursuant to II(d), and II(e) above include, but are not necessarily limited to;
(a) status as a critical infrastructure
(b) national/global reach
(c) cultural or iconic value
(d) economic impact
(f) number and/or type of clients or customers served
(g) total value of assets held.
V. If a CSO applies for membership pursuant to II (a) above and is not the global corporate CSO for the entire enterprise, regardless of whether the applicant directly reports to that global corporate CSO or not, the applicant must receive written or oral approval for membership from the global corporate CSO. He/she then qualifies as a deputy and may not nominate direct reports for membership (See “Deputies,” below.)
VI. If a CSO applies for membership pursuant to II©, (d), or (e) above, he or she must submit statement explaining how the organization satisfies the required criteria (e.g. what makes it a “significant” government agency). An interview with a member of the Membership Committee or ASIS staff may substitute for such a submission.
It is acknowledged that organizations may have multiple top-level professionals who have significant security duties and who are of equal standing in the organizational hierarchy (e.g. vice president of enterprise loss prevention, vice president of corporate security, vice president of IT security). All professionals who have such duties that are traditionally considered part of the security body of knowledge shall be considered CSOs and may be eligible for membership.
CSOs who are deemed eligible for membership (whether they apply for membership or not) may nominate up to four direct-reports for membership, provided that these direct-reports operate in a managerial security capacity at the nominating CSO’s organization (or in a subsidiary if the senior security person there reports directly to the parent’s CSO. The stated purpose is to educate and develop the next generation(s) of top security executives. All deputy/direct report applicants must also provide a current job description, affirmation from the CSO, and completed application form, as well as payment for membership.
If a current member in good standing leaves his or her position before the end of the membership term, that member shall retain membership in the Roundtable until the end of the term, even if he or she does not hold a subsequent CSO or deputy position during that term. However, if that member has his or her ASIS membership revoked, then his or her CSO Center membership is also revoked.
Memberships are personal, not organizational, and an employer may not transfer membership to another person. But the departed employee shall not count against his or her former company toward the organizational limit on members.