The Information Owner is responsible for managing the risks to personal information and business critical information held within the module. This role understands what information is held, what is added, what is removed, how information is moved, and who has access and why. This means making sure that information assets are properly protected and used to their highest value.