The security controls (i.e., safeguards or countermeasures) for an information system that primarily are implemented and executed by people (as opposed to systems).
Sources:
FIPS 200
under OPERATIONAL CONTROLS
NIST SP 800-18 Rev. 1
The security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by people (as opposed to systems).
Sources:
NIST SP 800-137
from
FIPS 200
NIST SP 800-30 Rev. 1
from
FIPS 200
NIST SP 800-39
from
FIPS 200
NIST SP 800-82r3
from
FIPS 200
The security controls (i.e., safeguards or countermeasures) for an information system that are primarily implemented and executed by people (as opposed to systems).
Rationale: NIST SP 800-53 no longer includes the concept of operational, management, or technical controls, as it is not always clear which category any given control belongs.
Sources:
CNSSI 4009-2015
under operational controls
the day-to-day procedures and mechanisms used to protectoperational systems and applications. Operational controls affect the system and application environment.
Sources:
NIST SP 800-16