The IT Law Wiki

Information security controls


Definition

Information security controls include security management, access controls, configuration management, segregation of duties, and contingency planning. These controls are designed to ensure that there is a continuous cycle of activity for assessing risk; logical and physical access to sensitive computing resources and information is appropriately restricted; only authorized changes to computer programs are made; one individual does not control all critical stages of a process; and backup and recovery plans are adequate to ensure the continuity of essential operations.[1]

Overview

"[I]neffective information security controls can result in significant risks, including

References

  1. Information Security: Securities and Exchange Commission Needs to Consistently Implement Effective Controls, at 1 n.1.
  2. Cybersecurity: Actions Needed to Address Challenges Facing Federal Systems, at 2-3.
