[UNLOCKED]: security control
Module 03 Content
- For this part of your Course Project, you will use the following Trust Service Principle:
“Logical access security software, infrastructure, and architectures have been implemented to support (1) identification and authentication of authorized users; (2) restriction of authorized user access to system components, or portions thereof, authorized by management, including hardware, data, software, mobile devices, output, and offline elements; and (3) prevention and detection of unauthorized access.”
Add at least 5 security controls into the XYZ Security Controls Matrix which can be used by XYZ Technologies to adhere to the above trust service principle. Each column of information should include the following:
XYZ Security Control Matrix.docx
- Control Activity – The written security control for XYZ Technologies
- Evidence of Performance of Control – A description of the evidence used to validate the function of the control.
- Test Plan – How the control will be tested to determine is operating effectiveness.
- Review Interval – How often the control will be tested throughout the recording period: Daily, Weekly, Monthly, Quarterly, Bi-Annual, Annually
- Additional requirements are: all three criteria in the trust service principle should be addressed by at least one control.
Submit your completed assignment by following the directions linked below. Please check the Course Calendar for specific due dates.