Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

control

Abbreviation(s) and Synonym(s): Definition(s):

  the Control phase consists of managing investments while monitoring for results. Once the IT projects have been selected, senior executives periodically assess the progress of the projects against their projected cost, scheduled milestones, and expected mission benefits.
Source(s):
NIST SP 800-65 under Control

  The part of the ICS used to perform the monitoring and control of the physical process. This includes all control servers, field devices, actuators, sensors, and their supporting communication systems.
Source(s):
NIST SP 800-82 Rev. 2 under Control

  See security control and privacy control.
Source(s):
NIST SP 800-37 Rev. 2

  measure that is modifying risk. (Note: controls include any process, policy, device, practice, or other actions which modify risk.)
Source(s):
NISTIR 8053 (ISO/IEC 27000:2014)

  The means of managing risk, including policies, procedures, guidelines, practices, or organizational structures, which can be of an administrative, technical, management, or legal nature. An attribute assigned to an asset t hat reflects its relative importance or necessity in acheiving or contributing to the achievement of stated goals.
Source(s):
NIST SP 800-160 Vol.2 [Superseded]