From the course: ISACA Certified Information Systems Auditor (CISA) Cert Prep

Unlock this course with a free trial

Join today to access over 25,300 courses taught by industry experts.

Types of controls

Types of controls

From the course: ISACA Certified Information Systems Auditor (CISA) Cert Prep

Start my 1-month free trial Buy for my team

Types of controls

- [Instructor] Okay, we've just talked about the business processes, and of course that's where everything starts, right? We have to understand the business, we have to understand the risks associated with the business and make sure that the controls are going to adequately manage that risk. So let's focus a little bit into the controls and talk about what they are and what they do for us. All right, so if we're going to give just a good basic definition of controls, these are things that we implement to mitigate risk, to treat risk. So our slide says these are measures. So they can be administrative, or technical, or they can be physical in nature. Policies, procedures, or for administrative. Technical would be things like encryption and intrusion detection devices. And then physical, of course, would be things like locked doors, security guards. So we have the different types of controls. We'll look at a little bit more of the categories in just a minute. But ultimately, whatever we…

Contents