What is the PRIMARY role of the information security manager in the process of information classification within an organization?
A . Defining and ratifying the classification structure of information assets
B . Deciding the classification levels applied to the organization’s information assets
C . Securing information assets in accordance with their classification
D . Checking if information assets have been classified properly
Answer: A
Explanation:
Defining and ratifying the classification structure of information assets is the primary role of the information security manager in the process of information classification within the organization. Choice B is incorrect because the final responsibility for deciding the classification levels rests with the data owners. Choice C is incorrect because the job of securing information assets is the responsibility of the data custodians. Choice D may be a role of an information security manager but is not the key role in this context.
Leave a Reply