Updating roles and responsibilities

I have generic statements that would apply all staff and some that would be specific to certain staff only. For instance, an Information Security Officer, this is not a dedicated role within our organization, however, these responsibilities may sit in other role descriptions such as senior networks engineer and CTO perhaps.
Any guidance would greatly be appreciated.

Answer
ISO 9001:2015 promotes the process approach. Each process can be described by a flowchart and swim lanes for roles, responsibilities and authorities.

Now, for every process flowchart you can list for each role or function their authorities and responsibilities and at the end you will have a clear picture. This way it is much easier t o plan relevant training to attain competence at each role.

The following material will provide you more information about roles and responsibilities:
How to document roles and responsibilities according to ISO 9001 - https://advisera.com/9001academy/blog/2018/02/26/how-to-document-roles-and-responsibilities-according-to-iso-9001/
- Free webinar on demand - The Process Approach - What it is, why it is important, and how to do it - https://advisera.com/9001academy/webinar/iso-9001-process-approach-free-webinar-on-demand/
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/