Exam CISA Topic 1 Question 328 Discussion

Actual exam question for ISACA's CISA exam
Question #: 328
Topic #: 1
The FIRST step in data classification is to:

Suggested Answer: A Vote an answer

Explanation/Reference:
Explanation:
Data classification is necessary to define access rules based on a need-to-do and need-to-know basis.
The data owner is responsible for defining the access rules; therefore, establishing ownership is the first step in data classification. The other choices are incorrect. A criticality analysis is required for protection of data, which takes input from data classification. Access definition is complete after data classification and input for a data dictionary is prepared from the data classification process.

by Marvin at Jul 05, 2026, 04:22 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support: Contact now 

日本語 Deutsch 繁体中文 한국어