CHAPTER 7
Information Systems Control Concepts
In this chapter, you will:
• Learn the basic concepts of controls
• Examine different control frameworks
We’ve discussed controls throughout this book so far, but always from a risk identification, assessment, analysis, and response perspective. There’s a lot more to be learned about security controls and how they are designed and implemented. In this chapter, we will begin to change direction a bit and focus on controls from those perspectives. We will review some basics regarding controls, and you will learn about how you select them to perform specific functions in protecting systems and data. We’ll also review a few key control frameworks in detail, including the National Institute of Standards ...
Get CRISC Certified in Risk and Information Systems Control All-in-One Exam Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.