nerdexam
(ISC)2

CISSP · Question #337

Which of the following is a responsibility of the information owner?

The correct answer is B. Defining proper access to the Information System (IS), including privileges or access rights. One of the responsibilities of the information owner is to define proper access to the Information System (IS), including privileges or access rights. This involves determining who can access the data, what they can do with the data, and under what conditions they can access the

Submitted by mike_84· Mar 5, 2026Asset Security

Question

Which of the following is a responsibility of the information owner?

Options

  • AEnsure that users and personnel complete the required security training to access the Information
  • BDefining proper access to the Information System (IS), including privileges or access rights
  • CManaging identification, implementation, and assessment of common security controls
  • DEnsuring the Information System (IS) is operated according to agreed upon security requirements

How the community answered

(48 responses)
  • A
    2% (1)
  • B
    94% (45)
  • C
    4% (2)

Explanation

One of the responsibilities of the information owner is to define proper access to the Information System (IS), including privileges or access rights. This involves determining who can access the data, what they can do with the data, and under what conditions they can access the data. The information owner must also approve or deny the access requests and periodically review the access rights. Ensuring that users and personnel complete the required security training, managing the common security controls, and ensuring the IS is operated according to the security requirements are not the responsibilities of the information owner, but they may involve the information owner's collaboration or consultation.

Topics

#information owner#roles and responsibilities#access rights

Community Discussion

No community discussion yet for this question.

Full CISSP Practice