Sakis is determining who is primarily responsible for step 5 of the NIST risk management process, which involves monitoring security controls. Which role is it?

Custodians are tasked with the day-to-day monitoring of the integrity and security of data. Step 5 requires monitoring, which is a custodial task. A data owner may grant rights to custodians but will not be responsible for conducting monitoring. Data processors process data on behalf of the data controller, and a user simply uses the data via a computing system.