The IT Law Wiki

This wiki's URL has been migrated to the primary domain.Read more here


The IT Law Wiki


Security functionality is

security-related features, functions, mechanisms, services, procedures, and architectures implemented within organizational information systems or the environments in which those systems operate.[1]


Security functionality can be obtained by employing within the information systems and supporting infrastructure of the organization, a combination of management, operational,[2] and technical security controls.[3]


  1. NIST Special Publication SP 800-171, App. B, at B-7.
  2. "Management and operational security controls" are typically deployed within the organizational infrastructure that supports the information systems and include, for example: intrusion detection and protection capabilities; contingency planning capabilities; physical and environmental protection capabilities; awareness and training capabilities; and personnel security capabilities.
  3. "Technical security controls" include, for example: physical and logical access control mechanisms; identification and authentication mechanisms; auditing/accountability mechanisms; encryption mechanisms; and system and communications protection mechanisms.

See also[]