CISA Certified Information Systems Auditor – Question1472

An IS auditor should expect the responsibility for authorizing access rights to production data and systems to be entrusted to the:

A. process owners.
B. system administrators.
C. security administrator.
D. data owners.

Correct Answer: D

Explanation:

Explanation:
Data owners are primarily responsible for safeguarding the data and authorizing access to production data on a need-to-know basis.