Definition Edit

Operational controls (OPCON) are

[t]he security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by people (as opposed to systems).[1]

Overview Edit

"These controls are established to improve the security of a group, a specific system, or group of systems. Operational controls require technical or specialized expertise and often rely on management and technical controls. Operational control families include personnel security, contingency planning, configuration management, maintenance, system and information integrity, incident response, and awareness and training."[2]

References Edit

  1. FIPS 200. See also NIST Special Publication 800-53; NIST Special Publication 800-37.
  2. Tax Information Security Guidelines For Federal, State and Local Agencies, at 154.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.