CRISC Certified in Risk and Information Systems Control – Question502 Who should be responsible for implementing and maintaining security controls? A. Data custodian B. Internal auditor C. Data owner D. End user Show Answer Hide Answer Correct Answer: A Post navigation CRISC Certified in Risk and Information Systems Control – Question501CRISC Certified in Risk and Information Systems Control – Question503