The Application Security Risk Manager (ASRM) is responsible for managing the organization’s information security risks, ensuring that security risks affecting the organization are known, evaluated for significance, appropriately communicated, and effectively addressed through the application of appropriate security controls and processes. The ASRM manages the security risk register and champions the timely resolution of security risks.
