Ask who owns 911 compliance at most organizations and you’ll get a tour of the org chart. IT says it’s a safety issue, so probably security. Security says it’s a phone system issue, so definitely IT. Facilities says they just manage the buildings. Legal says they flagged it in an email two years ago. Everyone is partially right — which is exactly how a federal obligation ends up owned by no one.
Kari’s Law and RAY BAUM’s Act don’t name a department. They place obligations on the organization operating the multi-line telephone system, and they don’t accept “we thought someone else had it” as a defense. This article is about the organizational failure mode behind most compliance gaps we see — and a practical way to fix it this quarter.
Why 911 compliance falls between the chairs
911 readiness is genuinely cross-functional, and each function sees only its own slice. The phone system belongs to IT or a telecom team. The floor plans, room numbers, and construction schedule belong to facilities. The people who respond when an alert fires belong to security. The regulatory exposure belongs to legal. The budget decision often belongs to a CFO who has never heard of RAY BAUM’s Act.
Every one of those groups holds a piece the others can’t supply. IT can configure notification, but only security knows who should receive it at 2 a.m. Facilities knows Suite 240 became Suite 260 in the renovation, but nobody told the person who maintains the location database — because no such person was ever named. The work isn’t hard. It’s unassigned.
The symptoms of unowned compliance
Organizations without a named owner tend to show the same pattern. Nobody can produce the current 911 location mapping without a scavenger hunt. Notifications go to a distribution list nobody has audited since it was created — including, in cases we’ve seen, to employees who left years ago. Test calls happen once, at deployment, and never again. And the question “are we compliant?” gets answered with “we believe so,” which is what organizations say when no individual is accountable for the answer being yes.
None of this looks like risk day to day, because 911 is the rare system that’s used almost never and needed absolutely. The gap only becomes visible during an emergency, an FCC inquiry, or — increasingly — a customer or insurer asking for evidence of compliance. With the Kari’s Law Reporting Act directing the FCC to examine how well organizations are actually complying, “we believe so” is aging badly as an answer.
The fix: one owner, three deputies
The model that works is simple and boring, which is why it works. Name a single accountable owner for 911 compliance — in most organizations the right home is the IT leader who owns the phone system, because that’s where the technical controls live. Then formalize three supporting roles:
- A facilities liaison responsible for feeding every move, renovation, renumbering, and new site into the location data process — ideally as a required step in the project checklist, not a courtesy email.
- A security or response liaison who owns the notification roster: who gets alerted, on what devices, in what order, and what they’re expected to do when the alert arrives. A notification policy is a response plan, not a distribution list.
- A legal or compliance liaison who keeps the documentation: what the rules require, what the organization has deployed, when it was last tested, and where the evidence lives.
The owner’s job is not to do all the work. It’s to be the person whose name is on the answer when anyone — an executive, an auditor, a new security director — asks where things stand.
What the owner should put on the calendar
Ownership becomes real when it becomes recurring. A workable baseline: verify location data after every office move or network change and review it fully on a set cadence; place 933 test calls from a rotating sample of locations, including remote workers; audit the notification roster quarterly against the actual employee directory; and re-verify everything after any phone system migration, because a platform cutover can quietly reset compliance you thought was settled.
None of these tasks takes long. All of them are the kind of thing that only happens when a specific person is expected to make them happen.
The owner’s first 30 days
If you’ve just been handed — or just claimed — ownership, the first month is about establishing ground truth, not fixing everything. A realistic opening sprint looks like this: pull the current location mapping and compare a sample against physical reality by actually walking to the phones; place a handful of 933 test calls, including one from a remote worker’s softphone; open the notification configuration and check every recipient against the current employee directory; and ask legal what documentation exists, then start a folder for what doesn’t.
That exercise usually surfaces two or three findings that justify the role’s existence on their own — a floor that renumbered its suites, an alert going to a departed employee, a batch of softphones registered to an office nobody sits in anymore. Bring those findings to leadership not as failures but as evidence: this is what unowned compliance accumulates, and this is why the owner now exists. It’s also the moment to evaluate whether your current tooling helps or fights you, because the difference determines whether this role takes hours a quarter or days a month.
The right platform makes the owner’s job small
Part of why 911 compliance goes unowned is that legacy tooling made ownership miserable — on-premises servers to patch, per-change professional services fees, interfaces nobody wanted to log into. Modern platforms remove the excuse. 9Line is fully cloud-based with nothing to install, keeps location data manageable by the person who actually owns it, and handles Cisco Call Manager, Microsoft Teams Direct Routing, and BroadWorks environments in one place. And because 9Line sits in the call path, the same platform can do what a compliance checkbox never could: with Echo, your response team sees a real-time transcription of the 911 call, so the person who owns compliance is also handing responders genuine situational awareness — not just an alert that something, somewhere, happened.
The bottom line
Kari’s Law and RAY BAUM’s Act made 911 readiness a legal obligation. Your org chart decides whether it’s a managed one. Name the owner, staff the three liaisons, put the recurring checks on a calendar, and give the owner a platform that makes the job small. If you’re the person reading this and realizing the owner is probably you — that’s a fine place to start, and we should talk.



