The Control Architecture

The enterprise operates protection through the creation, operation, and adaptation of a control architecture. The control architecture includes structural mechanisms that obtain security objectives through access control, functional units, perimeters, authorization, change control, and lower surety non-architectural units. [Drill-down]

In combination, these form the architectural elements of the control architecture, independent of implementation specifics.

For more details and in-depth coverage of these issues, download and read "Enterprise Information Protection"