… beyond the project phase

e.g. CISO, DPO, CIO, Threat Management Team, Incident Response Team, Red/Blue/Purple Team, telephone tree (think of Finnish session from ECPC)

Read: https://www.philvenables.com/post/building-balanced-security-teams-the-rule-of-thirds

Related:
- [Checklist for auditing Cyber Operations](../📚️%20Literature%20notes/Checklists%20Gerardus%20Blokdyk/Checklist%20for%20auditing%20Cyber%20Operations.md)

Relevant ISO 27001 clauses/controls:
- [ISO 27001 C 5.3 Organizational roles, responsibilities and authorities](../Standards/ISO27x/archive/ISO%2027001%202013/ISO%2027001%20C%205.3%20Organizational%20roles,%20responsibilities%20and%20authorities.md)
- [ISO 27001 A 6.1 Internal organization](../Standards/ISO27x/archive/ISO%2027001%202013/ISO%2027001%20A%206.1%20Internal%20organization.md)