SY0-701 · Question #688
SY0-701 Question #688: Real Exam Question with Answer & Explanation
The correct answer is C: Assigning roles and responsibilities for owners, controllers, and custodians. Assigning roles and responsibilities for owners, controllers, and custodians (C) is the foundational element of security governance because governance is fundamentally about accountability - defining who is responsible for what ensures that policies are owned, enforced, and audit
Question
Which of the following is the most important element when defining effective security governance?
Options
- ADiscovering and documenting external considerations
- BDeveloping procedures for employee onboarding and offboarding
- CAssigning roles and responsibilities for owners, controllers, and custodians
- DDefining and monitoring change management procedures
Explanation
Assigning roles and responsibilities for owners, controllers, and custodians (C) is the foundational element of security governance because governance is fundamentally about accountability - defining who is responsible for what ensures that policies are owned, enforced, and auditable across the organization. Without clear role assignment, no other governance activity has anyone responsible for executing or maintaining it.
- A is wrong because documenting external considerations (regulations, threats) is part of risk assessment and compliance scoping, not governance definition itself.
- B is wrong because onboarding/offboarding procedures are operational HR and access management processes - important, but downstream of governance structure.
- D is wrong because change management is a control process that supports governance, not what defines it.
Memory tip: Think of governance as answering "WHO is in charge?" before anything else. Owners own the data, controllers decide how it's used, custodians protect it - no roles means no governance, just rules with no one to follow them.
Topics
Community Discussion
No community discussion yet for this question.