Which governance principle emphasizes accessing only necessary information?

The principle that emphasizes accessing only the necessary information is centered around the "Need to know" concept. This governance principle is fundamental in ensuring that individuals and entities within an organization only have access to information that is essential for them to perform their job functions. This controlled access helps to protect sensitive information from unauthorized disclosure, reducing the risk of data breaches or misuse.

The need to know principle is often applied in environments handling sensitive data, such as classified government operations or corporate data protection, ensuring that information distribution is limited strictly to authorized personnel who require it for specific tasks. This practice aligns with broader security policies aimed at safeguarding assets by minimizing exposure and potential threats.

In contrast, data minimization focuses more broadly on collecting and retaining only the data that is necessary for a given purpose rather than access control specifically. Data integrity relates to the accuracy and consistency of data over its lifecycle, and non-repudiation ensures that actions or transactions cannot be denied after they have occurred, neither of which directly addresses the principle of accessing only necessary information.