The IT Law Wiki

Information system general controls

32,085pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Information system general controls

affect the overall effectiveness and security of computer operations and are not unique to specific computer applications. These controls include security management, configuration management, operating procedures, software security features, and physical protections designed to ensure that access to data is appropriately restricted, that only authorized changes to computer programs are made, that incompatible computer-related duties are segregated, and that backup and recovery plans are adequate to ensure the continuity of operations.[1]

References Edit

  1. GAO, Information Security: Federal Deposit Insurance Corporation Has Made Progress, but Further Actions Are Needed to Protect Financial Data 1 n.1 (GAO-11-708) (Aug. 2011) (full-text).

Also on Fandom

Random Wiki