Activity 3 - Building an Information Asset Register.docx - ACTIVITY 3 \u2013 BUILDING AN INFORMATION ASSET REGISTER OBJECTIVE Differentiate between

Activity 3 - Building an Information Asset Register.docx -...

This preview shows page 1 - 2 out of 2 pages.

A CTIVITY 3 – B UILDING AN I NFORMATION A SSET R EGISTER O BJECTIVE Differentiate between Ownership and Custodianship T IME 30 Minutes T ASKS Prepare to discuss as a group 1. If a company provides a smart phone to an employee to use for work-related communications: a. Who would you consider the information system owner? Why? Answer: The ownership depends on the policy the company created and also the size of the company. The ISO 27002:2013 standard recommends that we have a policy that specifically addresses the need to account for our information assets and to assign an owner to the asset. The goal of an Information Ownership policy is to ensure that appropriate protection is maintained. Owners should be identified for all major information assets and given the responsibility for the safeguarding of the information system. b. Who would you consider the information system custodian? Why? The information systems custodian responsibility would be delegated to a
Image of page 1
Image of page 2

You've reached the end of your free preview.

Want to read both pages?

  • Winter '20
  • Paul Manaf
  • 30 Minutes, workrelated communications

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask You can ask (will expire )
Answers in as fast as 15 minutes