Simply put, Data Stewards are responsible for what is stored in a data field, while data custodians are responsible for the technical environment and database structure. Common job titles for data custodians are database administrator (DBA), data modeler and ETL developer.
https://en.wikipedia.org/wiki/Data_custodian
The custodian role is assigned to the user who is responsible for the tasks of implementing the prescribed protection defined by the security policy and senior management
pg 50 CISSP study guide glossary: data custodian, data steward The subject who is assigned or delegated the task of implementing the prescribed protection defined by the security policy and upper management. The data custodian performs any and all activities necessary to provide adequate protection for data
and to fulfill the requirements and responsibilities delegated to them by upper management. pg 52 glossary: data steward See data custodian. GOTTA LOVE THE OFFICIAL CISSP GUIDE! The answer is A because it's about the protection of data according to the definition above, they don't mention the database or datalake in the definition.
Cissp “ A data custodian or steward is a subject who has been assigned or delegated the day-to-day responsibility for proper storage and transport as well as protecting data, assets, and other organizational objects”
Data Steward = A. Ensure proper business definition, value, and usage of data collected and stored within the enterprise data lake.
Data Custodian = B. Ensure adequate security controls applied to the enterprise data lake.
A. Ensure proper business definition, value, and usage of data collected and stored within the enterprise data lake.
While security controls are important for data lakes, the primary responsibility of a data steward is to manage and oversee the quality, relevance, and business value of the data stored in the data lake. This includes ensuring that the data collected is properly defined, serves a valid business purpose, and is used effectively across the organization. If the question was refering to Data Custodian then B. could have been the correct answer.
A. Usage of data
"A data steward is responsible for carrying out data usage and security policies as determined through enterprise data governance initiatives, acting as a liaison between the IT department and the business side of an organization."
https://www.techtarget.com/searchdatamanagement/definition/data-stewardship#:~:text=A%20data%20steward%20is%20responsible,business%20side%20of%20an%20organization.
Data Owner is accountable for Data Governance outcomes, whereas a Data Steward is responsible for the Data Governance tasks required to achieve those outcomes.
As cited in the ISC2 CISSP Official Study Guide, 'A data custodian or steward is a subject who has been assigned or delegated the day- to- day responsibility for proper storage and transport as well as protecting data, assets, and other organizational objects.'
The proper storage and transport as well as protecting data is all done with the controls applied.
A data custodian is not the same as a data steward. Answer B. is a good answer if the question was asking for Data custodian as opposed to data steward. A. is the best answer with regard to the role and responsiblity of a Data steward within an organization.
oops ! looks like answer is B data owner = controls
CBK 9th edition pg 117 "NOTE Data owner has synonymous terms used in various guidelines and regulations. Con- sider information owner or steward as interchangeable terms, for instance.
You are right, that is in the CISSP CBK.
!
But in CISSP Official Guide, this is mentioned:
A data custodian or steward is a subject who has been assigned or delegated the day- to- day responsibility for proper storage and transport as well as protecting data, assets, and other organizational objects.
!
I don't know why ISC2 do not have clear definition for Data Steward.
i think its A = DATA steward (business)
DATA owner = accountable for data (legal rights)
Data steward = business responsible for data (metadata, governance etc)
Data custodian = technical responsibility (backup, security etc)
"A" is correct. A quick Google Search on "DATA" steward will prove that:
A data steward is responsible for carrying out data usage and security policies as determined through enterprise data governance initiatives, acting as a liaison between the IT department and the business side of an organization.
upvoted 4 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
rdy4u
Highly Voted 2 years agoNickname53796
Highly Voted 2 years, 1 month agojackdryan
1 year, 6 months agoeboehm
Most Recent 7 months, 2 weeks agoGuardianAngel
9 months, 2 weeks agoJBAnalyst
9 months, 3 weeks agogjimenezf
9 months, 4 weeks agoGPrep
10 months, 3 weeks agoSoleandheel
11 months, 2 weeks agoSoleandheel
11 months, 2 weeks agoHughJassole
1 year, 5 months agoomarin25
1 year, 10 months agoRVoigt
1 year, 10 months agoSoleandheel
11 months, 2 weeks agoikidreamz
1 year, 11 months agooudmaster
1 year, 11 months agoikidreamz
1 year, 11 months agofranbarpro
2 years ago