Tools used for identification, authorization, authentication and accountability in automated information systems. The policies, procedures, organizational structure and electronic access controls designed to restrict access to computer software and data files. Source: FFIEC IT Examination Handbook, Information Security. 2021. https://ithandbook.ffiec.gov/glossary.aspx