Effective CISSP Questions

A loyal customer called the service center to order a product on promotion with 50% off. He visited the company’s website to order the same product again but received no discount. He is complaining about it. Which of the following is the best role that should address this problem?
A. Data owner
B. Data steward
C. Data custodian
D. Information system owner

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. Data steward.

Data Steward

A data steward is a role within an organization responsible for utilizing an organization’s data governance processes to ensure fitness of data elements – both the content and metadata.

The overall objective of a data steward is data quality, in regard to the key/critical data elements existing within a specific enterprise operating structure, of the elements in their respective domains.

Source: Wikipedia

Data Quality

  • The 50% off discount, a business rule, is applied inconsistently across systems, such as the CRM system used by the service center and the online website. Data Steward should ensure it is applied consistently.
  • The definition of data quality may vary from various contexts or stakeholders’ perspectives. However, it can be generally describing the accuracy or correctness of data, consistent format of data, and processing or business rules.

Data Custodian

  • In Data Governance groups, responsibilities for data management are increasingly divided between the business process owners and information technology (IT) departments. Two functional titles commonly used for these roles are Data Steward and Data Custodian.
  • Data Custodians are responsible for the safe custody, transport, storage of the data and implementation of business rules.
  • Common job titles for data custodians are Database Administrator (DBA), Data Modeler, and ETL Developer.



My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

一位忠實的客戶致電服務中心訂購促銷產品,並享受50%的折扣。 他訪問了您公司的網站以再次訂購相同的產品,但沒有獲得任何折扣。 他對此抱怨。 以下哪個是應該解決這個問題的最佳角色
A. 數據所有者 (data owner)
B. 數據管理員 (data steward)
C. 數據保管人 (data custodian)
D. 資訊系統所有者 (information system owner)

Leave a Reply