Managerial, the control gives oversight of the information system. Examples could include risk identification or a tool allowing the evaluation and selection of other security controls., Operational, the control is implemented primarily by people. For example, security guards and training programs are operational controls., Technical, the control is implemented as a system (hardware, software, or firmware). For example, firewalls, antivirus software, and OS access control models are technical controls., Physical, controls such as alarms, gateways, locks, lighting, and security cameras that deter and detect access to premises and hardware are often placed in a separate category from technical controls..

Security Control Categories

by
Print
Embed

Leaderboard

Visual style

Options

Switch template

)
Continue editing: ?