Responsibility for protection is clear throughout the
organization. Examples include executive-level responsibility for overall
information asset protection, delineated responsibility at every level off
the organization, and spelled out responsibilities for individual
Complexity: The challenges of organizational responsibility are substantial
because they involve getting people to understand information protection at
an appropriate level to their job functions..