CRISC Certified in Risk and Information Systems Control – Question068

Which of the following is the priority of data owners when establishing risk mitigation method?

A.
User entitlement changes
B. Platform security
C. Intrusion detection
D. Antivirus controls

Correct Answer: A

Explanation:

Explanation:
Data owners are responsible for assigning user entitlement changes and approving access to the systems for which they are responsible.
Incorrect Answers: B, C, D: Data owners are not responsible for intrusion detection, platform security or antivirus controls. These are the responsibilities of data custodians.