O'Reilly logo

IT Security Risk Control Management: An Audit Preparation Plan by Raymond Pompon

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

© Raymond Pompon 2016

Raymond Pompon, IT Security Risk Control Management, 10.1007/978-1-4842-2140-2_12

12. Control Design

Raymond Pompon

(1)Seattle, Washington, USA

Security is like dentistry. You go to the dentist twice a year for reviews and advanced questions, but you don’t go to the dentist to brush your teeth. The security team should function like the dentist: regular checkups and expert issues.

—Robert Garigue, IT Security thought leader, former CISO of Bell Canada & Bank of Montreal

Controls are what you use to reduce risk. Controls can reduce likelihood or impact, and if you’re lucky, they can reduce both. The selection and arrangement of controls is an important step in the IT security program. This chapter explains how to design controls. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required