The IT Law Wiki


Security controls refers to

[t]he management, operational, and technical controls (safeguards or countermeasures) prescribed for an data processing system and the controls in place or planned to meet those requirements.[1]
the management, operational, and technical controls used to protect against an unauthorized effort to adversely affect the confidentiality, integrity, and availability of an information system or its information.).[2]


The selection and implementation of appropriate security controls for an information system are important tasks that can have major implications on the operations and assets of an organization as well as the welfare of individuals and the Nation.


See also[]