Systems Security Certified Practitioner (SSCP) — Question 82

Whose role is it to assign classification level to information?

Answer options

• A. Security Administrator
• B. User
• C. Owner
• D. Auditor

Correct answer: C

Explanation

The Owner is typically the individual or entity responsible for the information and thus has the authority to assign its classification level based on its sensitivity and importance. The Security Administrator, User, and Auditor may play roles in managing or reviewing classifications, but they do not have the final authority to assign them.