Monitoring the Status of Controls
Your job as a CISA is to evaluate an organization’s internal controls. Internal controls are required during the normal processing at every computer terminal or computer workstation. Without proper controls, a minor error could become a major outage.
We discuss a series of security controls in this Study Guide. In Chapter 7, we discuss specific security controls for protecting information assets. For now, let’s visit controls that apply to IT service delivery: