Custom Search

Thursday, April 12, 2007

CISA 2007 - Audit Process #3

There are different types of controls that can help prevent, avoid , detect risk:
They are :

Detective Controls : Controls that detect and report errors, omission or malicious acts. Examples are Hash totals, Echo controls in telecommunications.

Preventive Controls : Detect problems before they arise.
Example: Encryption software used to prevent unauthorised access

Corrective Controls: Correct problems before they occur.
Example: Contingency planning, Backup Procedures

Related Tags: , , , ,

No comments: