The term used to describe those functions or mechanisms that are relied upon, directly or indirectly, to enforce a security policy that governs confidentiality, integrity, and availability protections.
Sources:
NIST SP 800-160 Vol. 2 Rev. 1
The functions or constraints that are relied upon to directly or indirectly meet protection needs.
Sources:
NIST SP 800-160v1r1