When discussing policies and procedures who is strictly resp

When discussing policies and procedures, who is strictly responsible for the protection of the company’s assets and data?

A. User

B. Data owner

C. Data custodian

D. Security auditor

Solution

B. The data owner, who is typically a member of senior management, is responsible for protecting company assets and data. Answer A is incorrect because the user is the individual who uses the documentation. Answer C is incorrect because the data custodian is responsible for maintaining and protecting the company’s assets and data. Answer D is incorrect because the auditor makes periodic reviews of the documentation, verifies that it is complete, and ensures that users are following its guidelines.