LinkedIn respects your privacy

LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Join now Sign in

From the course: ISACA Certified Information System Manager (CISM) Cert Prep

Unlock this course with a free trial

Join today to access over 24,900 courses taught by industry experts.

Operational controls, part 1

Operational controls, part 1

From the course: ISACA Certified Information System Manager (CISM) Cert Prep

Start my 1-month free trial Buy for my team

Operational controls, part 1

“

- [Kelly] All right, now after we look at our management controls, let's move on to talking about our operational controls. And like we said, with our operational controls, these are the types of controls that are implemented by people. Usually, there's a department responsible, or a dedicated set, a dedicated team, perhaps, responsible for carrying out these different types of activities. So we've got all sorts of operational controls. Identity and access management, where we determine how users get accounts on the network and how we control making sure that we have only authorized access. Security event monitoring and analysis, should go without speaking, right? We have to monitor the events that happen on our network, which will then lead us to a quick and, hopefully, effective and efficient incident response capability. Configuration management and change control. We've talked about that multiple times, and how we have to regulate changes in our environment. Under that category…

Contents