Implementing the principle of least privilege primarily requires the identification of job duties. This principle states that users should only be given the minimum level of access necessary to perform their job duties. By identifying the specific job duties of each user, an organization can determine the minimum level of access needed, and restrict access to any unnecessary resources. This helps to minimize the potential damage that can be caused by a malicious or compromised user.

The primary objective of performing a post-incident review is to identify the root cause of the incident. After an incident has occurred, the post-incident review process involves gathering and analyzing evidence to determine the cause of the incident. This analysis will help to identify both the underlying vulnerability that allowed the incident to occur, as well as any control improvements that should be implemented to prevent similar incidents from occurring in the future. Additionally, the post-incident review process can also be used to re-evaluate the impact of the incident, as well as any potential implications for the organization.

The best way to address this situation is to assign responsibility to the database administrator (DBA). The DBA should review the databases for sensitive content and assign the appropriate classification level to each database. This should be done in accordance with the organization's information security policies, which should outline the rules and guidelines for classifying information assets. Additionally, the information security manager should prepare a report of the databases for senior management, noting the databases that do not have owners assigned to them, as well as any other relevant information. This will help to ensure that the organization is properly managing its information assets and that any risks associated with the lack of owners are identified and addressed. This information can be found in the ISACA's Certified Information Security Manager (CISM) Study Manual, Section 5.3.

According to the Certified Information Security Manager (CISM) Study Guide, one of the primary responsibilities of an information security manager is to ensure that changes to systems and processes are managed in a secure and controlled manner. The change management procedure that is most likely to cause concern for an information security manager is when the development manager migrates programs into production without proper oversight or control. This can increase the risk of unauthorized changes being made to systems and data, and can also increase the risk of configuration errors or other issues that can negatively impact the security and availability of systems. To mitigate these risks, it is important for the information security manager to work closely with the development team to establish and enforce change management procedures that ensure that all changes are properly approved, tested, and implemented in a controlled manner.