CISA Certified Information Systems Auditor – Question0502

The decision to accept an IT control risk related to data quality should be the responsibility of the:

A.
information security team
B. chief information officer (CIO)
C. business owner
D. IS audit manager

Correct Answer: C