Accountability for the maintenance of appropriate security measures over information assets resides with the:
A.
security administrator.
B.
systems administrator.
C.
data and systems owners.
D.
systems operations group.
Explanation:
Management should ensure that all information assets (data and systems) have an appointed owner who makes decisions about classification and access rights. System owners typically delegate day-to-day custodianship to the systems delivery/operations group and security responsibilities to a security administrator. Owners, however, remain accountable for the maintenance of appropriate security measures.