A government contractor handles classified information up to the Secret level. The company's data classification policy recently changed, requiring that all documents marked as 'Confidential' be reclassified as 'Secret' after review. Who is ultimately accountable for ensuring that reclassification is performed correctly?
Trap 1: Data custodian
The data custodian implements controls but is not accountable for classification decisions.
Trap 2: Data subject
The data subject is the individual to whom the data pertains, not responsible for classification.
Trap 3: Data steward
The data steward focuses on data quality and metadata, not classification accountability.
- A
Data custodian
Why wrong: The data custodian implements controls but is not accountable for classification decisions.
- B
Data subject
Why wrong: The data subject is the individual to whom the data pertains, not responsible for classification.
- C
Data steward
Why wrong: The data steward focuses on data quality and metadata, not classification accountability.
- D
Data owner
Correct. The data owner is accountable for classification and ensuring compliance with policy.