Who should be responsible for enforcing access rights to application data?

Posted by: Pdfprep Category: CISM Tags: , ,

Who should be responsible for enforcing access rights to application data?
A . Data owners
B . Business process owners
C . The security steering committee
D . Security administrators

Answer: D

Explanation:

As custodians, security administrators are responsible for enforcing access rights to data. Data owners are responsible for approving these access rights. Business process owners are sometimes the data owners as well, and would not be responsible for enforcement. The security steering committee would not be responsible for enforcement.

Leave a Reply

Your email address will not be published.