CISM Certified Information Security Manager – Question0040
Who should be responsible for enforcing access rights to application data? A. Data owners B. Business process owners C. The security steering committee D. Security administrators
Correct Answer: D
Explanation:
Explanation:
As custodians, security administrators are responsible for enforcing access rights to data. Data owners are responsible for approving these access rights. Business process owners are sometimes the data owners as well, and would not be responsible for enforcement. The security steering committee would not be responsible for enforcement.
Please disable your adblocker or whitelist this site!