Nov 8, 2018

(1) The means of managing risk, including policies, procedures, guidelines, practices, or organizational structures, which can be of an administrative, technical, management or legal nature. Adapted from: FFIEC IT Examination Handbook, Information Security. 2021.

(2) Controls may prevent risk from occurring, detect that risk has occurred or limit the negative impact of a risk once it has occurred.

Sign up for our Newsletter

Learn about upcoming events, special offers from our partners and more.

Sub Topics