An organization has implemented a new customer relationship management (CRM) system. Who should be responsible for enforcing authorized and controlled access to the CRM data?
The data owner determines who should have the authority to access the data. The data custodian ENFORCES the authority recommended by the data owner. It's A for me.
Answer is B: The data owner. B. The data owner. Because access must be authorized, and authorization decisions belong to the data owner. The custodian just carries out those decisions. Custodian enforces access technically. Owner enforces access organizationally and is ultimately responsible for making sure access is appropriate.
B The data owner should be responsible for enforcing authorized and controlled access to the CRM data. The data owner is typically responsible for determining access rights and ensuring that access controls are implemented and maintained in accordance with the organization's policies and data protection requirements.
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
60d8b7d
Highly Voted 1 year, 1 month agoSHERLOCKAWS
Most Recent 1 month, 1 week agoITAbi
1 month, 1 week agoInfosecnerd
8 months, 2 weeks agobronay
1 year agooluchecpoint
1 year, 1 month agoats20
1 year, 1 month ago