Definition Edit

Information security controls

include security management, access controls, configuration management, segregation of duties, and contingency planning. These controls are designed to ensure that there is a continuous cycle of activity for assessing risk, logical and physical access to sensitive computing resources and information is appropriately restricted; only authorized changes to computer programs are made; one individual does not control all critical stages of a process; and backup and recovery plans are adequate to ensure the continuity of essential operations.[1]

Overview Edit

"[I]neffective information security controls can result in significant risks, including

References Edit

  1. Information Security: Securities and Exchange Commission Needs to Consistently Implement Effective Controls, at 1 n.1.
  2. Cybersecurity: Actions Needed to Address Challenges Facing Federal Systems, at 2-3.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.