CISA Glossary

access-control matrix

A single table used to cross-reference access rights that have been assigned to subjects (subject capabilities) with access rights that are assigned per objects (access control list).

access-control model

A framework that dictates how subjects can access objects. Three access-control modes can be defined: discretionary, mandatory, and nondiscretionary.

access controls

Controls that ensure confidentiality, integrity, and availability of information systems and their associated data by limiting access to computer systems.

access path

The logical route an end user or system takes to get to the information resource.


The authorization and approval granted to an information system to process in an operational ...

Get CISA Exam Cram™ 2 now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.