Auditing IT Infrastructures for Compliance, 3rd Edition
by Robert Johnson, Marty Weiss, Michael G. Solomon
User Domain Business Drivers
People have an advantage over automated controls in dealing with the unexpected. This is especially true when dealing with changing customer needs. Automated controls can only mitigate risks that have been clearly identified and encoded in their software. Consequently, the User Domain will always have more unpredictable risks that must be addressed.
While people are essential in implementing effective security policies, they are also the weakest link. Unlike automated security controls, people can let their guard down. Automated controls never sleep or take vacations and work relentlessly 24 hours a day. People on the other hand can simply have a bad day, be distracted, and may not have information security at the ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access