Chapter 6: Accountability Controls

Developing new software applications

Managing social media accounts

Ensuring the reliability and accuracy of financial information

Enforcing parking regulations

Digital security controls

IT General Control

Physical security controls

Cybersecurity controls

Management

Compliance Specialists

External Auditors

IT Support Staff

To confuse employees

To enforce IT security policies through security controls

To slow down operations

To limit access to information

Increase fraudulent business activity

Reduce the accuracy of financial information

Ensure compliance

Decrease operational efficiency

Between the moon and the stars

Between security risk and laws that set standards of care

Between breakfast and lunch

Between the office and the cafeteria

The Payment Card Industry Data Security Standard (PCI DSS)

Center for Internet Security controls

The Health Insurance Portability and Accountability Act (HIPAA)

National Institute of Standards and Technology Cyber Security Framework

To confuse network teams

To determine the target systems and applications

To avoid compliance with regulations

To keep all assessment activity secret

Compliance Specialists

IT Support Staff

External Auditors

Management

To enable citizen confidence in administration

To create chaos

To increase waste and delay

To recommend new policies