Which of the following is MOST important when assigning ownership of an asset to a department?
A. The department should report to the business owner
B. Ownership of the asset should be periodically reviewed
C. Individual accountability should be ensured
D. All members should be trained on their responsibilities
Annex 8.2 of ISO 27001, Asset Management, contains a sub-clause dedicated to asset ownership. It states that asset owners can be different to legal owners and individuals or whole departments.
However, we recommend selecting a specific person, otherwise the responsibility could fall between various people, with tasks left incomplete.
C
not A?