Which term best describes the published guidance that establishes who is empowered to conduct internal investigations within an organization?

The line of authority is the published guidance that defines who is empowered to conduct internal investigations. It establishes the formal reporting relationships, who has the mandate to initiate and lead investigations, and the limits of their authority. This structure ensures investigations are handled by individuals with appropriate independence and accountability, and it helps maintain consistency and due process across the organization. Other concepts don’t fit as well because they address different aspects. An incident response plan outlines steps for detecting and responding to security incidents, not who should investigate internal issues. A chain of custody tracks how evidence is handled to preserve its integrity, not who has the authority to investigate. A data retention policy governs how long data is kept and how it’s disposed of, not the authority to conduct investigations.