The responsibility for authorizing access to application data should be with the:

A.
data custodian.

B.
database administrator (DBA).

C.
data owner.

D.
security administrator.

Explanation:
Data owners should have the authority and responsibility for granting access to the data and
applications for which they are responsible. Data custodians are responsible only for storing and
safeguarding the datA. The database administrator (DBA) isresponsible for managing the database
and the security administrator is responsible for implementing and maintaining IS security. The
ultimate responsibility for data resides with the data owner.