Control

From Business Continuity Management (BCM) and Disaster Recovery (DR) Wiki Glossary

1. Control is any action, procedure or operation undertaken by an organization to increase the likelihood that activities, policies and procedures contain risk that has been identified.

Note: Controls can be countermeasures for vulnerabilities, and the actions taken can be both physical and procedural.


2. In the context of auditing, Control is a policy or procedure that is part of internal control.


BCMBoK Competency Level
BCMBoK 2: Risk Analysis & Review CL 1: Foundation




BCMBoK Competency Level
BCMBoK 7: Program Management CL 6: Intermediate (BCM Audit)




BCMBoK Competency Level
BCMBoK 7: Program Management CL 7: Advanced (BCM Audit)

(Source: Business Continuity Management Institute - BCM Institute)


3. Any action which reduces the probability of a risk occurring or reduces its impact if it does occur.

(Source: Business Continuity Institute - BCI)


4. Any physical, behavioral, institutional or cultural mechanism by which a risk is mitigated.

(Source: Australia. A Practitioner's Guide to Business Continuity Management HB292 - 2006)


5. Measure to modify risk (see Clause 3.1).

Notes:

  • Controls are the result of risk treatment.
  • Controls include any process, policy, device, practice, or other actions designed to modify risk.

(Source: AS/NZS 5050.3 Australian and New Zealand Standards for business continuity management. Part 3: Business continuity management audit and assurance standard)
