Top management shall ensure that the responsibilities and authorities for roles relevant to information security are assigned and communicated. 高层管理者应确保分配并传达了信息安全相关角色的职责和权限。
Top management shall assign the responsibility and authority for:
高层管理者应分配下列职责和权限:
a) ensuring that the information security management system conforms to the requirements of this International Standard; and
b) reporting on the performance of the information security management system to top management.
a) 确保信息安全管理体系符合本标准的要求;
b) 将信息安全管理体系的绩效报告给高层管理者。
NOTE Top management may also assign responsibilities and authorities for reporting performance of the information security management system within the organization. 注:高层管理者可能还要分配在组织内部报告信息安全管理体系绩效的职责和权限。