CISM Certified Information Security Manager – Question0297
Which of the following roles is PRIMARILY responsible for determining the information classification levels for a given information asset? A. Manager B. Custodian C. User D. Owner
Correct Answer: D
Explanation:
Explanation:
Although the information owner may be in a management position and is also considered a user, the information owner role has the responsibility for determining information classification levels. Management is responsible for higher-level issues such as providing and approving budget, supporting activities, etc. The information custodian is responsible for day-to-day security tasks such as protecting information, backing up information, etc. Users are the lowest level. They use the data, but do not classify the data. The owner classifies the data.
Please disable your adblocker or whitelist this site!