Procedural Control Examples
Procedural controls refer to the procedures performed by individuals. They are often detailed in written documents that an organization uses for security. Procedural controls are directives from senior management on how to address security within the organization. Previous versions of NIST SP 800-53 referred to these controls as administrative controls.
The following sections provide examples of some of the common procedural controls in these categories:
- Policies and procedures
- Security plans
- Insurance and bonding
- Background and financial checks
- Data loss prevention program
- Education, training, and awareness
- Rules of behavior
- Software testing
Policies and Procedures
Policies and procedures are written documents ...
Get Managing Risk in Information Systems, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
