Information System Security Officer. The person responsible to the DAA for ensuring that security is provided for and implemented throughout the life cycle of an AIS from the beginning of the system concept development phase through its design, development, operation, maintenance, and secure disposal.