Isaca Exam CRISC Topic 3 Question 57 Discussion

Actual exam question for Isaca's CRISC exam

Question #: 57
Topic #: 3

An IT department has provided a shared drive for personnel to store information to which all employees have access. Which of the following parties is accountable for the risk of potential loss of confidential information?

ARisk manager

BData owner

CEnd user

DIT department

Show Suggested Answer

Suggested Answer: D

by Garry at Jan 07, 2023, 10:14 PM

Limited Time Offer

25%

Off

Get Premium CRISC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Dierdre

9 hours ago

Wait, are we sure there's even any confidential information on this shared drive? Maybe the employees are just storing their cat photos and recipes. You know how that goes...

upvoted 0 times

...

Tijuana

3 days ago

I'm not so sure. The IT department is the one providing the shared drive, so they have a duty to ensure it's secure. This one's on them, in my opinion.

upvoted 0 times

...

Donte

13 days ago

But shouldn't the IT department also be accountable for ensuring the security of the shared drive?

upvoted 0 times

...

Arthur

16 days ago

The data owner is definitely responsible here. They should have set up proper access controls and data classification policies to protect sensitive information.

upvoted 0 times

Casie

2 days ago

The data owner is definitely responsible here.

upvoted 0 times

...

Ramonita

17 days ago

I agree with Rene, the data owner should be responsible for protecting confidential information.

upvoted 0 times

...

Rene

25 days ago

I think the data owner is accountable for the risk.

upvoted 0 times

...