option B
Option B: Reviewing data classification questionnaires completed by data owners is a crucial step, as data owners are typically the best source of information about the data they handle. This method allows for input from those who are familiar with the data’s sensitivity and usage.
Option C: While BIA is primarily used for understanding business processes, its insights can inform data classification decisions by highlighting which data supports critical processes and has significant business impact. However, it's not the direct method for classifying data itself.
B. "Review data classification questionnaires completed by data owners" is the most appropriate procedure. Data owners, who are responsible for the data and understand its value and sensitivity, should be the ones to complete detailed questionnaires about the data. The information security team can then review these questionnaires and work with the data owners to determine the appropriate data classification levels.
C. "Use results from business impact analyses to classify data" is not the most appropriate procedure for data classification. While business impact analyses can provide valuable insights, they may not capture the full context and nuances required for accurate data classification. Data classification should be a separate and more focused process that involves the data owners directly.
C. Use results from business impact analyses to classify data.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
PurpleParrot
2 months agoRS66
3 months agoBinagr8
4 months agojoehong
4 months ago