CISSP Question #649: Real Exam Question with Answer & Explanation

The correct answer is B: Data Owner. In the context of information security and entitlement reviews, the Data Owner is the individual or role within an organization responsible for determining who has a need for the information. The Data Owner has the authority and responsibility to define access levels, classify da

Submitted by neha2k· Mar 5, 2026Identity and Access Management

Question

When developing the entitlement review process, which of the following roles is responsible for determining who has a need for the information?

Options

AData Custodian
BData Owner
CDatabase Administrator
DInformation Technology (IT) Director

Explanation

In the context of information security and entitlement reviews, the Data Owner is the individual or role within an organization responsible for determining who has a need for the information. The Data Owner has the authority and responsibility to define access levels, classify data, and decide who should be granted access to specific data based on business needs, regulatory requirements, and security considerations. Data Owner: This role involves determining the appropriate access controls for the data, based on the sensitivity of the data and the user's need to access it for business purposes. The Data Owner works to ensure that the right individuals have access to the right information, with the right level of permissions.

Topics

#data owner#access control#entitlement review

Community Discussion

No community discussion yet for this question.

Full CISSP Practice Browse All CISSP Questions