Definition Edit

Common controls are

security controls employed at the organization level that typically serve multiple information systems. By centrally managing and documenting the development, implementation, assessment, authorization, and monitoring of common controls, organizations can amortize security costs across multiple information systems.[1]

Overview Edit

"Examples of business process areas having common controls include contingency planning, incident response, security training and awareness, personnel security, physical and environmental protection, and security program management. These business process areas are generally good candidates for common controls."[2]

References Edit

  1. Electricity Subsector Cybersecurity Risk Management Process, App. H, at 85.
  2. Id.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.