The valuation of IT assets should be performed by:

The valuation of IT assets should be performed by:

The valuation of IT assets should be performed by:

A.
an IT security manager.

B.
an independent security consultant.

C.
the chief financial officer (CFO).

D.
the information owner.

Explanation:

Information asset owners are in the best position to evaluate the value added by the IT asset
under review within a business process, thanks to their deep knowledge of the business
processes and of the functional IT requirements. An IT security manager is an expert of the IT risk
assessment methodology and IT asset valuation mechanisms. However, the manager could not
have a deep understanding of all the business processes of the firm. An IT security subject matter
expert will take part of the process to identify threats and vulnerabilities and will collaborate with
the business information asset owner to define the risk profile of the asset. A chief financial officer
(CFO) will have an overall costs picture but not detailed enough to evaluate the value of each IT
asset.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


Ali

Ali

it should me process owner not information owner