Process Controls And Technology Controls

1288 WordsMay 15, 20166 Pages
Process Controls & Technology Controls Process Controls IT and Security Strategic Management, Policy and Architecture – Architectures, policies and strategies defined to run IT services Organizational Structure, Roles and Responsibilities and Standards for interactions between groups; authority for security and external security related Communications  Training and Awareness – Processes to increase visibility and knowledge of security risks Assessment and Auditing and Processes to assess the environment, controls, policies and processes used to implement strategy Authentication, Authorization and  Access Management – Processes and technology to verify users’ identities and control access to resources Operational Design,  Workflows and Automation – Design and implementation of automated solutions; workflow and resource management Asset Inventory,  Classification and Management – Processes to identify and classify assets, supporting execution of asset class based policies Incident Readiness and Response and standards for preparation for and response to incidents. Technology Controls  Application Design, Development and Testing – Processes, procedures, and methodologies to ensure that new and updated applications are appropriate, efficient and secure Systems Build and  Deployment – Systems and technologies to assure effective, secure deployment of new and updated systems  Data Life Cycle Management – Technology to move, Replicate and protect data Configuration
Open Document