Security Controls and Classifications
Security Control Frameworks
Security Control Frameworks
Security Control Frameworks
Depending on what cyber security frameworks you use, our professionals address the following security controls, classes, families, and identifiers:
- AC – Access Control (Technical)
- AT – Awareness and Training (Operational)
- AU – Audit and Accountability (Technical)
- CA - Security Assessment and Authorization (Management)
- CM – Configuration Management (Operational)
- CP – Contingency Planning (Operational)
- IA – Identification and Authentication (Technical)
- IR – Incident Response (Operational)
- MA – Maintenance (Operational)
- MP – Media Protection (Operational)
- PE – Physical and Environmental Protection (Operational)
- PL – Planning ((Management)
- PS – Personal Security (Operational)
- RA – Risk Assessment (Management)
- SA – System and Services Acquisition (Technical)
- SC – System and Communications Protections (Management)
- SI – System and Information Integrity (Operational)
- PM – Program Management (Management)
Security Strategies
Security Control Frameworks
Security Control Frameworks
R32 adheres to six (6) major framework areas:
- Prepare: Organizational Communications, Development of Control Baselines, Enterprise Architecture, and Alignment of Risk Management Framework.
- Identify: Asset Management, Business Environment, Governance, Risk Assessment, and Risk Management Strategy.
- Protect: Access Control, Awareness and Training, Data Security, Information Protection and Procedures, Maintenance, and Protective Technology.
- Detect: Anomalies and Events, Security Monitoring, and Detection Processes.
- Response: Response Planning, Communications, Analysis, Mitigation, and Improvements.
- Recover: Recovery Planning, Improvements, and Communications