Sun Mar 1 11:30:48 PST 2015
Control Architecture: How does the enterprise model information-related controls?
The description is up to them.
A control architecture should be in place to include, without limit,
protection objectives, access control, original identification,
authentication, access facilitation, trust, and change management.
Enterprises use implicit or explicit models as the basis for
decision-making with regard to information protection and to structure
the way they think about the issues.
Copyright(c) Fred Cohen, 1988-2015 - All Rights Reserved