nerdexam
(ISC)2

CISSP · Question #901

Which factors MUST be considered when classifying information and supporting assets for risk management, legal discovery, and compliance?

The correct answer is B. Data stewardship roles, data handling and storage standards, data lifecycle requirements. When classifying information and supporting assets for risk management, legal discovery, and compliance, the key factors to consider are: 1. Data stewardship roles: This involves defining who is responsible for overseeing data throughout its lifecycle, including its classificatio

Submitted by devops_kid· Mar 5, 2026Asset Security

Question

Which factors MUST be considered when classifying information and supporting assets for risk management, legal discovery, and compliance?

Options

  • ASystem owner roles and responsibilities, data handling standards, storage and secure
  • BData stewardship roles, data handling and storage standards, data lifecycle requirements
  • CCompliance office roles and responsibilities, classified material handling standards, storage
  • DSystem authorization roles and responsibilities, cloud computing standards, lifecycle

How the community answered

(26 responses)
  • A
    4% (1)
  • B
    77% (20)
  • C
    15% (4)
  • D
    4% (1)

Explanation

When classifying information and supporting assets for risk management, legal discovery, and compliance, the key factors to consider are: 1. Data stewardship roles: This involves defining who is responsible for overseeing data throughout its lifecycle, including its classification, protection, and management. Data stewards ensure that data is handled appropriately according to internal policies, legal requirements, and compliance regulations. 2. Data handling and storage standards: Organizations need to establish standards for how data is handled (e.g., collection, access, sharing) and stored (e.g., encryption, storage methods). These standards ensure that data is protected according to regulatory and organizational 3. Data lifecycle requirements: This refers to the need to manage data across its entire lifecycle- from creation and storage to deletion or archival. Properly managing the data lifecycle is essential for ensuring compliance, mitigating risks, and enabling legal discovery when necessary.

Topics

#Information classification#Data lifecycle#Data stewardship#Data handling standards

Community Discussion

No community discussion yet for this question.

Full CISSP Practice