Final answer:
Data owners should determine which users have access to which specific objects. Senior management, system administrators, and the cloud provider have roles in the process but the ultimate authority lies with the data owners.
Step-by-step explanation:
The users who have access to specific objects should be determined by data owners. Data owners have the responsibility and authority to determine who can access and use the data they own. They understand the sensitivity and importance of the data and can make informed decisions about granting access based on user roles and responsibilities.
Although senior management and the Chief Information Officer (CIO) may have oversight in establishing policies and guidelines, data owners should be the ones who make the specific determinations about access to objects within their domain.
System administrators play a technical role in implementing access controls based on the decisions made by the data owners. The cloud provider is responsible for providing a secure infrastructure and platform, but the determination of specific access rights rests with the data owners.