From the course: CompTIA CySA+ (CS0-002) Cert Prep: 7 Compliance and Assessment

Control management

- [Narrator] In addition to conducting regular security audits and assessments, organizations should perform routine management of their own controls. Every security program should include control testing procedures, a process for managing exceptions to controls, the building of control remediation plans, and the use of compensating controls. Control testing should take place on a regular basis. While periodic audits and assessments do evaluate the effectiveness of security controls, these usually occur infrequently. Organizations should supplement these more formal tests with routine and automated monitoring of security controls. For example, an automated review process might routinely check to see if new ports are opened on a firewall in an unexpected manner. You will also find that there is an exception to every rule in the world of security. You should have a defined process in place to help team members…
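
The automated firewall check mentioned in the transcript can be sketched as a baseline comparison. This is an added example, not material from the course; the rule export format, the baseline, the exception register with expiry dates, and all sample values are constructed assumptions.

```python
from datetime import date

# Constructed baseline: (protocol, port) pairs approved to be open inbound.
BASELINE = {("tcp", 22), ("tcp", 443)}

# Constructed exception register: approved deviations and their expiry dates.
EXCEPTIONS = {
    ("tcp", 8443): date(2024, 6, 30),
    ("udp", 514): date(2024, 1, 31),
}

# Constructed ruleset snapshot in a hypothetical "action protocol port" export.
SNAPSHOT = """\
allow tcp 22
allow tcp 443
allow tcp 8443
allow udp 514
allow tcp 3389
deny tcp 23
"""

def parse_allowed(snapshot):
    """Return the set of (protocol, port) pairs that the snapshot allows."""
    allowed = set()
    for line in snapshot.splitlines():
        parts = line.split()
        # Skip malformed lines and anything that is not an allow rule.
        if len(parts) == 3 and parts[0] == "allow" and parts[2].isdigit():
            allowed.add((parts[1].lower(), int(parts[2])))
    return allowed

def review(snapshot, baseline, exceptions, today):
    """Classify each open port that is outside the approved baseline."""
    allowed = parse_allowed(snapshot)
    findings = {"unexpected": [], "expired_exception": [], "active_exception": []}
    for rule in sorted(allowed - baseline):
        expiry = exceptions.get(rule)
        if expiry is None:
            findings["unexpected"].append(rule)         # no approval on record
        elif expiry < today:
            findings["expired_exception"].append(rule)  # approval has lapsed
        else:
            findings["active_exception"].append(rule)   # still covered
    # Drift in the other direction: approved ports that are no longer open.
    findings["missing"] = sorted(baseline - allowed)
    return findings
```

Running `review(SNAPSHOT, BASELINE, EXCEPTIONS, date(2024, 3, 1))` on a schedule separates ports nobody approved from exceptions that have lapsed and need renewal or remediation.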
