A National RACI Chart for an Interoperable "National Cyber Security" Framework

Governments worldwide have faced serious Cyberterrorism threats, in a context where interoperability of "TransNational CyberSecurity Plans" is quite absent, in order to deal with incidents. It is important to know which agency or agencies should be given the responsibility for "National Cybersecurity", in order to ensure that computer security will receive government-wide attention. Therefore, sectors and lead agencies should assess the reliability, vulnerability, and threat environments of the infrastructures and employ appropriate protective measures and responses to safeguard them. Responsibility Charting is a technique for identifying functional areas where there are process ambiguities, bringing the differences out, and resolving them through a cross-functional collaborative effort. We provide in this paper a "National RACI chart" that defines for each National Cyber Security process, who is "Responsible", "Accountable", "Consulted" and "Informed". The "RACI chart" defines in detail what has to be delegated and to whom, and what kind of responsibility will be affected to one stakeholder instead of another. Thus, it will aid organisations and teams identifying the responsibility for specific elements at the national level.