rilpoint_mw113

Control

1. Control is any action, procedure or operation undertaken by an organization to increase the likelihood that activities, policies and procedures to contain risk that has been identified.

Note: Controls can be countermeasures for vulnerabilities and these actions taken can both be physical and procedurals.


2. In the context of auditing, Control is a policy or procedure that is part of internal control.


BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 1: Foundation




BCMBoK Competency Level
BCMBoK 7: Program Management CL 6: Intermediate (BCM Audit)




BCMBoK Competency Level
BCMBoK 7: Program Management CL 7: Advanced (BCM Audit)

(Source: Business Continuity Management Institute - BCM Institute)


3. Any action which reduces the probability of a risk occurring or reduces its impact if it does occur.

(Source: Business Continuity Institute - BCI)


4. Any physical,behavioral,institutional or cultural mechanism by which a risk is mitigated.

(Source: Australia. A Practitioner's Guide to Business Continuity Management HB292 - 2006 )


5. Measure to modify risk (see Clause 3.1).

Notes:

  • Controls are the result of risk treatment.
  • Controls include any process, policy, device, practice, or other actions designed to modify

risk.

(Source: AS/NZS 5050.3 Australian and New Zealand Standards for business continuity management.

Part 3: Business continuity management audit and assurance standard)

Retrieved from "http://www.bcmpedia.org/wiki/Control"