The person designated to control access to a specific application.  For such applications, both the Portal Security Officer and the Application Owner must approve a user's request for access to the specified application.  Generally, only applications which access confidential or otherwise sensitive data are assigned business owners.