The data access requirements for an application should be determined by the:
A. legal department.
B. compliance officer.
C. information security manager.
D. business owner.
Explanation:
Business owners are ultimately responsible for their applications. The legal department, compliance officer and information security manager all can advise, but do not have final responsibility.