nerdexam
(ISC)2

CISSP · Question #1471

Who in the organization is accountable for classification of data information assets?

The correct answer is A. Data owner. The person in the organization who is accountable for the classification of data information assets is the data owner. The data owner is the person or entity that has the authority and responsibility for the creation, collection, processing, and disposal of a set of data. The dat

Submitted by lukas.cz· Mar 5, 2026Asset Security

Question

Who in the organization is accountable for classification of data information assets?

Options

  • AData owner
  • BData architect
  • CChief Information Security Officer (CISO)
  • DChief Information Officer (CIO)

How the community answered

(31 responses)
  • A
    87% (27)
  • B
    6% (2)
  • C
    3% (1)
  • D
    3% (1)

Explanation

The person in the organization who is accountable for the classification of data information assets is the data owner. The data owner is the person or entity that has the authority and responsibility for the creation, collection, processing, and disposal of a set of data. The data owner is also responsible for defining the purpose, value, and classification of the data, as well as the security requirements and controls for the data. The data owner should be able to determine the impact of the data on the mission of the organization, which means assessing the potential consequences of losing, compromising, or disclosing the data. The impact of the data on the mission of the organization is one of the main criteria for data classification, which helps to establish the appropriate level of protection and handling for the data. The data owner should also ensure that the data is properly labeled, stored, accessed, shared, and destroyed according to the data classification policy and procedures.

Topics

#Data classification#Data ownership#Roles and responsibilities#Data governance

Community Discussion

No community discussion yet for this question.

Full CISSP Practice