Definitions
Computer security
An information owner is an
“
organizational official with statutory , management, or operational authority for specified information and is responsible for establishing the policies and procedures governing the generation, collection , processing , dissemination , and disposal of specified information . In information-sharing environments, the information owner is responsible for establishing the rules for appropriate use and protection of the subject information (e.g., rules of behavior) and retains that responsibility when the information is shared with or provided to other organizations. The owner of the information processed , stored , or transmitted by information technology (IT ) and industrial control system (ICS ) may or may not be the same as the IT and ICS owner. Information owners provide input to IT and ICS owners about the cybersecurity requirements and controls for the systems where the information is processed , stored , or transmitted .[2]
”
FISMA
Under the Federal Information Security Management Act of 2002 , an information owner is
“
an agency official with statutory or operational authority for specified information and responsibility for establishing the criteria for its creation, collection, processing, dissemination, or disposal, which responsibilities may extend to interconnected systems or groups of interconnected systems .[3]
”
General
An information owner is an
References