What is the Stab-Linien-Organisation (line-and-staff organization), and why is it so relevant for information security?
A line organization extended with staff positions (Stäbe) — specialists who advise the line but have no command authority of their own.
* Stab-Linien-Organisation — the line tree keeps unity of command; a Stabsstelle (CISO) advises with no command authority. *
Structure: the clear single line of command remains, but Stabsstellen (staff units) are attached to leadership positions to provide expertise: legal, quality, compliance — and classically information security.
Key characteristics of staff positions:
- They advise and prepare decisions — planning vs. execution is split
- They have the right to recommend, but no authority to command the line
- They supplement the line with expert knowledge
Advantages: combines unity of command with specialist expertise; better decisions through expert advice. Disadvantages: friction between line and staff; advice without enforcement power can be ignored; line may over-depend on staff.
Why this is THE security topic: CISOs are very often staff positions near top management. That placement provides independence and access — but the classic staff weakness (no command authority) is exactly why security officers need explicitly granted fachgebundene Richtlinienkompetenz (subject-bound directive competence) to be effective.
Go deeper:
Stabsstelle (Wikipedia DE) — Die Stabsstelle berät und entlastet die Leitung, hat aber keine Weisungsbefugnis — das CISO-Dilemma.
Aufbauorganisation (Wikipedia DE) — Ordnet die Stab-Linien-Organisation in die Aufbauorganisationsformen ein.
Staff and line (Wikipedia) — the same line-command vs advisory-staff split, in English.