Fri Apr 8 06:49:41 PDT 2016
Control Architecture: How does the enterprise model information-related controls?
Options:
The description is up to them.
Decision:
A control architecture should be in place to include, without limit,
protection objectives, access control, original identification,
authentication, access facilitation, trust, and change management.
Basis:
Enterprises use implicit or explicit models as the basis for
decision-making with regard to information protection and to structure
the way they think about the issues.
Copyright(c) Fred Cohen, 1988-2015 - All Rights Reserved
|