Role Based Awareness Training 5.1

Question 1

Specialized Training

Answer 1

This is training based on each individuals position within the company. Not all positions will need this. Each user may have unique security responsibilities that they need to be made aware of. You also want to do this for third-parties. Keep detailed documentation and records of this to make sure that you know that everyone was made perfectly aware of their responsibilities.

Question 2

Roles - Data Owner

Answer 2

Executive level manager responsible for the security of the data. Ultimately responsible for compliance.

Question 3

Roles - System Administrator

Answer 3

Admin of the systems that enable the apps and data. May not necessarily be a user of the app or view the data.

Question 4

Roles - System Owner

Answer 4

Makes decisions about the overall operation of the app and data. Defines security policies and backup policies. Manages changes and updates.

Question 5

Roles - User

Answer 5

App users, has the least privileged access to the application and data.

Question 6

Roles - Privileged User

Answer 6

Additional app and data permissions. Usually an area manger, report creation, user and pass changes.

Question 7

Roles - Executive User

Answer 7

Responsible for the overall operation of the application. High-level decisions making for direction. Evaluates goals and makes decisions about future directions.