Skip to end of banner
Go to start of banner

Information Custodian (Dictionary Entry)

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Contexts

Data Privacy, IAM, Information Security

Term

Information Custodian

Alternative Forms

Data Custodian Synonym

Definitions

The information custodian is responsible for the protection of the data confidentiality, integrity and availability in compliance with the information owner’s requirements. In general, the role is held by the security or IT department.

Related Terms

Quotes

The data custodian (information custodian) is responsible for maintaining and protecting the data. This role is usually filled by the IT or security department, and the duties include implementing and maintaining security controls; performing regular backups of the data; periodically validating the integrity of the data; restoring data from backup media; retaining records of activity; and fulfilling the requirements specified in the company’s security policy, standards, and guidelines that pertain to information security and data protection.

(Harris and Maymí, 2019, p. 240)

A Custodian provides hands-on protection of assets such as data. They perform data backups and restoration, patch systems, configure antivirus software, etc. The Custodians follow detailed orders; they do not make critical decisions on how data is protected. The Data Owner may dictate, “All data must be backed up every 24 hours.” The Custodians would then deploy and operate a backup solution that meets the Data Owner’s requirements.

(Conrad et al., 2016, p. 86)

Information custodian — The information custodian, usually an information systems person, is the delegate of the information owner with primary responsibilities for dealing with backup and recovery of the business information. Responsibilities include the following:
— Perform backups according to the backup requirements established by the information owner
— When necessary, restore lost or corrupted information from backup media to return the application to production status
— Perform related tape and DASD management functions as required to ensure availability of the information to the business
— Ensure record retention requirements are met based on the information owner’s analysis

(Tipton and Krause, 2007, p. 228-229)

DATA CUSTODIAN: The person(s) who is responsible for the accuracy of authorised data updates/creation/deletion.

(Saddington et al., 1988, p. iv)

Bibliography

See Also

  • No labels

Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.

This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.