The data access requirements for an application should be determined by the:
A.
legal department.
B.
compliance officer.
C.
information security manager.
D.
business owner.
Explanation:
Business owners are ultimately responsible for their applications. The legal department,
compliance officer and information security manager all can advise, but do not have final
responsibility.