| Issue | Person Responsibility | Result of Request | Resource Needed | Time Frame |
| Strategic1 (Governmental) | Upper Management | Develop regulations to promote cybersecurity. Enforcing regulations of cybersecurity standards. Promote cybersecurity awareness in education. | Approvals | Long Term (06 - 12 months) |
| Strategic 2 (CEO) | Upper Management | Maintaining compliance with the standard. Plan to manage the change. Provide the necessary resources for compliance. | Approvals Budget | Long Term (06 - 12 months) |
| Strategic 3 (CTO/CIO) | Upper Management | Ensure ISO 27001 compliance. Taking corrective action for non-compliance. Inform stakeholders of the level of compliance on regular basis. | Budget Skilled Workers Facilities, Safety. | Medium Term (03 - 6 months) |
| Tactical 1 | HR Manager | Selecting the right candidates for duties. Train the cybersecurity team appropriately. Employees coaching to help improvement. | Skilled Workers Facilities, Utilities Safety. | Medium Term (03 - 6 months) |
| Tactical 3 | IT Manager | Ensure IT policies comply with standards. Ensure IT systems comply with IT policies. Conducting security vulnerability assessments. Monitor compliance with standards regularly. Develop Incident Response Team. | Qualified Workers Facilities, Utilities Equipment, Safety Insurance. | Medium Term (03 - 6 months) |
| Operational 2 | Team Leader | Understand and communicate the standard. Providing training on security awareness. Continuous improvement cybersecurity culture. Solving problems and resolving conflicts. Goal management. | Qualified Workers Facilities, Utilities Safety, Insurance. | Short Term (01 - 03 months) |
| Operational 3 | Auditors | Conducting assessments with relevant IT polices and report non-compliance issues to senior. Management and take action to remediate security vulnerability finding. | Qualified Workers Facilities, Utilities Safety. | Short Term (01 - 03 months) |