CISSP certification: Data, system, mission ownership, custodians and users.

Data, System, Mission Ownership, Custodians and Users:

Each role has unique roles and responsibilities to keep the data safe.

  • Mission/Business Owner:
    • Senior executives make the policies that govern our data security.
  • Data/Information Owner:
    • Management level, they assign sensitivity labels and backup frequency.
    • This could be you or a Data Owner from HR, Payroll or other departments.
  • System Owner:
    • Management level and the owner of the systems that house the data.
    • Often a Data Center Manager or an Infrastructure Manager.
  • Data Custodian:
    • These are the technical hands-on employees who do the backups, restores, patches, system configuration.
    • They follow the directions of the Data Owner.
  • Users:
    • These are the users of the data.
    • User awareness must be trained; they need to know what is acceptable and what is not acceptable, and the consequences for not following the policies, procedures and standards.
  • Data Controllers and Data Processors:
    • Controllers create and manage sensitive data in the organization (HR/Payroll)
    • Processors manage the data for Controllers (Outsourced Payroll)

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

You may also like

Leave a Reply