How do need-to-know and minimum privilege differ?

Study for the DSAC-11 Annex C Test with real-time quizzes and multiple-choice questions. Each question offers hints and explanations to enhance your preparedness. Boost your confidence and ensure success in your DSAC-11 Annex C exam!

Multiple Choice

How do need-to-know and minimum privilege differ?

Explanation:
Need-to-know and minimum privilege constrain different layers of access control. Need-to-know decides who may see a given piece of information: access is granted only when that information is necessary for the person's current duties, not merely because they hold a particular job title. It is a restriction on the data itself.

Minimum privilege (least privilege) decides what a user may do once access exists: the permissions granted (read, write, delete, execute) are limited to those actually required for the task, and nothing more.

So need-to-know answers "who can see this information?" while minimum privilege answers "what can this person do with it?" For example, someone may be permitted to view customer records (need-to-know) but not to modify them (minimum privilege).

The other options confuse these ideas: one ties need-to-know to data retention (unrelated), another wrongly splits the two concepts by domain (need-to-know for physical security, minimum privilege for digital systems only), and another reverses the two definitions.

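To make the two layers concrete, here is an added example (not part of the Examzify page or any official DSAC-11 material) of an access decision that applies both checks in sequence: a need-to-know test on the record's compartment, then a least-privilege test on the action. The roles, permission sets, subject names and customer records are hypothetical and constructed for this example.

```python
from __future__ import annotations

from dataclasses import dataclass

# Actions each role may perform, deny-by-default: anything not listed is refused.
# The roles and their permission sets are hypothetical, chosen for this example.
ROLE_PERMISSIONS: dict[str, frozenset[str]] = {
    "support-agent": frozenset({"read"}),
    "account-manager": frozenset({"read", "write"}),
    "dba": frozenset({"read", "write", "delete"}),
}


@dataclass(frozen=True)
class Record:
    record_id: str
    compartment: str  # the customer account / project this record belongs to


@dataclass(frozen=True)
class Subject:
    name: str
    role: str
    assignments: frozenset[str]  # compartments the subject currently works on


def has_need_to_know(subject: Subject, record: Record) -> bool:
    """Need-to-know: may this person see this record at all?

    The decision depends on the data (its compartment) and on the subject's
    current assignments, not on the subject's role or title.
    """
    return record.compartment in subject.assignments


def least_privilege_allows(subject: Subject, action: str) -> bool:
    """Minimum privilege: is this action among the rights the role needs?

    Unknown roles and unknown actions fall through to deny.
    """
    return action in ROLE_PERMISSIONS.get(subject.role, frozenset())


def authorize(subject: Subject, record: Record, action: str) -> tuple[bool, str]:
    """Evaluate both layers. Need-to-know is checked first so that a subject
    with broad rights still cannot touch data outside their assignments."""
    if not has_need_to_know(subject, record):
        return False, (f"need-to-know denied: {subject.name} is not assigned to "
                       f"compartment '{record.compartment}'")
    if not least_privilege_allows(subject, action):
        return False, (f"least privilege denied: role '{subject.role}' "
                       f"does not grant '{action}'")
    return True, "allowed"


# Constructed sample data (not from the page): two customer records in
# different compartments and two staff with different roles and assignments.
ACME_RECORD = Record("cust-1001", compartment="acme")
GLOBEX_RECORD = Record("cust-2002", compartment="globex")
AGENT = Subject("alice", role="support-agent", assignments=frozenset({"acme"}))
MANAGER = Subject("bob", role="account-manager", assignments=frozenset({"acme"}))


def demo() -> list[tuple[str, str, str, bool]]:
    """Run the decisions discussed in the explanation and return them."""
    cases = [
        (AGENT, ACME_RECORD, "read"),      # need-to-know yes, read is in role: allowed
        (AGENT, ACME_RECORD, "write"),     # need-to-know yes, but write is not granted
        (AGENT, GLOBEX_RECORD, "read"),    # read is granted, but no need-to-know
        (MANAGER, ACME_RECORD, "delete"),  # need-to-know yes, delete exceeds the role
    ]
    results = []
    for subject, record, action in cases:
        allowed, reason = authorize(subject, record, action)
        print(f"{subject.name:6} {action:6} {record.record_id}: {reason}")
        results.append((subject.name, action, record.record_id, allowed))
    return results


if __name__ == "__main__":
    demo()
```

The ordering matters: a role that carries "write" or "delete" still never reaches the permission check for a record outside the subject's assignments, and a subject who does have need-to-know is still limited to the rights their role actually needs. Both checks default to deny, so an unknown role or an unlisted action is refused rather than silently allowed.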
