Certified Chief Information Security Officer (CCISO) — Question 69

Who in the organization determines access to information?

Answer options

• A. Compliance officer
• B. Legal department
• C. Data Owner
• D. Information security officer

Correct answer: C

Explanation

The Data Owner is responsible for determining access to information as they have the authority over the data and its usage. While the Compliance officer, Legal department, and Information security officer may provide guidelines and support, they do not have the final say in access decisions.