Information Custodian (Dictionary Entry)
Contexts | Data Privacy, IAM, Information Security |
---|---|
Term | Information Custodian |
Alternative Forms | Data Custodian |
Definitions | The information custodian is responsible for the protection of the data confidentiality, integrity and availability in compliance with the information owner’s requirements. In general, the role is held by the security or IT department. The perspective of the information custodian is that of the information itself, in contrast with the system owner whose perspective is that of the system storing or processing the information. |
Related Terms |
|
Quotes
The data custodian (information custodian) is responsible for maintaining and protecting the data. This role is usually filled by the IT or security department, and the duties include implementing and maintaining security controls; performing regular backups of the data; periodically validating the integrity of the data; restoring data from backup media; retaining records of activity; and fulfilling the requirements specified in the company’s security policy, standards, and guidelines that pertain to information security and data protection.
(Harris and Maymí, 2019, p. 240)
A Custodian provides hands-on protection of assets such as data. They perform data backups and restoration, patch systems, configure antivirus software, etc. The Custodians follow detailed orders; they do not make critical decisions on how data is protected. The Data Owner may dictate, “All data must be backed up every 24 hours.” The Custodians would then deploy and operate a backup solution that meets the Data Owner’s requirements.
(Conrad et al., 2016, p. 86)
Information custodian — The information custodian, usually an information systems person, is the delegate of the information owner with primary responsibilities for dealing with backup and recovery of the business information. Responsibilities include the following:
— Perform backups according to the backup requirements established by the information owner
— When necessary, restore lost or corrupted information from backup media to return the application to production status
— Perform related tape and DASD management functions as required to ensure availability of the information to the business
— Ensure record retention requirements are met based on the information owner’s analysis
(Tipton and Krause, 2007, p. 228-229)
DATA CUSTODIAN: The person(s) who is responsible for the accuracy of authorised data updates/creation/deletion.
(Saddington et al., 1988, p. iv)
Bibliography
See Also
-
Data Custodian (Dictionary Entry) (Dictionary)
-
Information Custodian (Dictionary Entry) (Dictionary)
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.