Which of the following is the HIGHEST risk of a policy that inadequately defines data and system ownership?

Which of the following is the HIGHEST risk of a policy that inadequately defines data and system
ownership?

Which of the following is the HIGHEST risk of a policy that inadequately defines data and system
ownership?

A.
User management coordination does not exists

B.
Audit recommendations may not be implemented

C.
Users may have unauthorized access to originate, modify or delete data

D.
Specific user accountability cannot be established

Explanation:

There is an increased risk without a policy defining who has the responsibility for granting access
to specific data or systems, as one could gain system access without a justified business needs.
There is better chance that business objectives will be properly supported when there is
appropriate ownership.
unauthorized access.



Leave a Reply 0

Your email address will not be published. Required fields are marked *