Your company is implementing a solution for customer analytics that extracts, transforms, and loads data into the enterprise data warehouse from various information systems that collect and process customer data, subject to change as customers may move to new places and switch to new phones, etc. Which of the following is the best role to enforce data consistency and quality?
A. Data controller
B. Data owner
C. Data steward
D. Data custodian
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is C. Data steward.
In a data governance program, there are common roles like data owner, data steward, data custodian, etc. A data owner is accountable for the data he owns.
- A data owner, typically a member of the management team, is responsible for determining roles and responsibilities, classifying, and authorizing data. A data owner may delegate tasks to the data steward, data custodian, other roles.
- “The overall objective of a data steward is data quality, in regard to the key/critical data elements existing within a specific enterprise operating structure, of the elements in their respective domains. This includes documenting meta information for their elements, such as definitions, related rules/governance, physical manifestation, and related data models.” (Wikipedia)
- “Data Custodians are responsible for the safe custody, transport, storage of the data and implementation of business rules. Simply put, Data Stewards are responsible for what is stored in a data field, while Data Custodians are responsible for the technical environment and database structure. Common job titles for data custodians are Database Administrator (DBA), Data Modeler, and ETL Developer.” (Wikipedia)
Personal Data and Controller
‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law; (GDPR)
PlI Controller or Data Controller is the “privacy stakeholder (or privacy stakeholders) that determines the purposes and means for processing personally identifiable information (PlI) other than natural persons who use data for personal purposes.” (ISO 29100)
Reference
A BLUEPRINT FOR YOUR SUCCESS IN CISSP
My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.
- It is available on Amazon.
- Readers from countries or regions not supported by Amazon can get your copy from the author’s web site.
貴公司正在實施一種用於客戶分析的解決方案,該解決方案將從收集和處理客戶數據的各種信息系統中提取,轉換數據並將其加載到企業數據倉庫中,但隨著客戶可能遷移到新地點並切換到新手機等而發生變化。以下哪項是增強數據一致性和質量的最佳角色?
A. 數據控制者 (Data controller)
B. 數據所有者 (Data owner)
C. 數據管理員 (Data steward)
D. 數據保管人 (Data custodian)