Tue Mar 10 20:41:23 PDT 2015

Control Architecture: How does the enterprise model information-related controls?


The description is up to them.


A control architecture should be in place to include, without limit, protection objectives, access control, original identification, authentication, access facilitation, trust, and change management.


Enterprises use implicit or explicit models as the basis for decision-making with regard to information protection and to structure the way they think about the issues.
Copyright(c) Fred Cohen, 1988-2015 - All Rights Reserved