There are different types of controls that can help prevent, avoid , detect risk:
They are :
Detective Controls : Controls that detect and report errors, omission or malicious acts. Examples are Hash totals, Echo controls in telecommunications.
Preventive Controls : Detect problems before they arise.
Example: Encryption software used to prevent unauthorised access
Corrective Controls: Correct problems before they occur.
Example: Contingency planning, Backup Procedures
Related Tags: cisa, cissp, it audit, it governance, it compliance
No comments:
Post a Comment