CRISC Certified in Risk and Information Systems Control – Question502

Who should be responsible for implementing and maintaining security controls?

A.
Data custodian
B. Internal auditor
C. Data owner
D. End user

Correct Answer: A