Mitigating risks with management controls

8 September, 2015 - 16:42

Management controls include management activities related to the establishment of information system requirements and the control processes intended to ensure that those requirements are met. Critical information assurance management controls include:

  1. Creation of policies, procedures, standards and training requirements directly relating to the improvement of information system confidentiality, integrity and availability.
  2. Performance of risk analyses to evaluate risk potential of new information systems and re-evaluate risks associated with existing business applications and IT infrastructure.
  3. Management of information system change.

The following sections provide a general overview of each of these three important information assurance management controls.