Security Executive Council: Confusion about investigative program ownership/responsibility is too often the case. Problems include untrained people conducting investigations, multiple reporting systems and confusion over whos in charge. Unified Risk Oversight (URO) is a trademarked concept. An effective investigation cannot be fragmented. It has to be unified, with a clear leader, clear lines of responsibility and comprehensive lines of communication. The most important consideration is to have an existing and agreed upon understanding of who is responsible for what, and how the issue will be handled and communicated.”]
Source: https://www.csoonline.com/article/2889191/who-owns-an-investigation.html