nerdexam
(ISC)2

CISSP · Question #435

Which of the following BEST describes the responsibilities of data owner?

The correct answer is B. Determining the impact the information has on the mission of the organization. The data owner is a senior-level role responsible for classifying data based on its value and impact to the organization's mission, not for day-to-day technical management of that data.

Submitted by priya_blr· Mar 5, 2026Security and Risk Management

Question

Which of the following BEST describes the responsibilities of data owner?

Options

  • AEnsuing Quality and validation trough periodic audits for ongoing data integrity
  • BDetermining the impact the information has on the mission of the organization
  • CMaintaining fundamental data availability, including data storage and archiving
  • DEnsuring accessibility to appropriate users, maintaining appropriate levels of data security

How the community answered

(22 responses)
  • B
    95% (21)
  • D
    5% (1)

Why each option

The data owner is a senior-level role responsible for classifying data based on its value and impact to the organization's mission, not for day-to-day technical management of that data.

AEnsuing Quality and validation trough periodic audits for ongoing data integrity

Performing periodic audits for data quality and validation is the responsibility of the data custodian or a data steward, not the data owner.

BDetermining the impact the information has on the mission of the organizationCorrect

The data owner (typically a senior manager or executive) is responsible for determining the classification and business value of data, which includes assessing the impact the information has on the organization's mission. This classification decision drives all subsequent security controls, access policies, and handling requirements for that data asset.

CMaintaining fundamental data availability, including data storage and archiving

Maintaining data storage, availability, and archiving are operational and technical duties that fall under the data custodian's role, not the data owner's.

DEnsuring accessibility to appropriate users, maintaining appropriate levels of data security

Ensuring accessibility to appropriate users and enforcing data security controls are custodian-level responsibilities; the data owner defines the policy but does not implement or maintain it operationally.

Concept tested: Data owner role and responsibilities in data governance

Source: https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/govern/policy-compliance/data-classification

Topics

#data owner#data governance#roles and responsibilities#information classification

Community Discussion

No community discussion yet for this question.

Full CISSP Practice