Cybersecurity responsibilities are documented
Context and Guidance: Cybersecurity responsibilities should be clearly documented (in job descriptions or performance criteria, for example) so that staff members know their responsibilities and can plan their performance accordingly. The definition of cybersecurity responsibilities in the job description establishes the foundation for performance management and measurement of the staff member’s commitment to helping the organisation sustain operational resilience.
Related Practices • Progression: This practice is part of a practice progression. Practice progressions are groups of related practices that represent increasingly complete or more advanced implementations of an activity. The practices in this progression include: WORKFORCE-3a, WORKFORCE-3d, WORKFORCE-3e.