The IT Law Wiki

Compensating security requirement

32,562pages on
this wiki
Add New Page
Talk0 Share

Definition Edit

A compensating security requirement is implemented by an organization in lieu of a recommended security requirement to provide an equivalent or comparable level of protection for the information/control system and the information processed, stored, or transmitted by that system.

Overview Edit

More than one compensating requirement may be required to provide the equivalent or comparable protection for a particular security requirement. For example, an organization with significant staff limitations may compensate for the recommended separation of duty security requirement by strengthening the audit, accountability, and personnel security requirements within the information/control system.

Source Edit

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.