Who should determine the appropriate access control of information?
A.
Owner
B.
User
C.
Administrator
D.
Server
Explanation:
All information generated, or used must have a designated owner. The owner must
determine appropriate sensitivity classifications, and access controls. The owner must
also take steps to ensure the appropriate controls for the storage, handling,
distribution, and use of the information in a secure manner.