Security Controls

Security controls are measures put in place to protect an organization’s assets, systems, and data from threats. They can be classified into three categories:

1. Administrative Controls: Policies, procedures, and governance to manage and direct security efforts (e.g., security training, access control policies, incident response plans).

2. Technical Controls: Security mechanisms implemented through technology to protect systems (e.g., firewalls, encryption, intrusion detection systems).

3. Physical Controls: Physical measures to prevent unauthorized access to facilities and equipment (e.g., locks, surveillance cameras, security guards).