Control actions are actions that help ensure that management’s instructions are implemented to reduce risks to the achievement of objectives. It is determined through policies and procedures.
Control Activities Principles
When implementing control actions, institutions consider the following principles and the focal points related to these principles. These principles are briefly mentioned below.
Principle 11: Selecting and Developing General Controls to Apply to Technology: The organization* selects and develops control actions that will contribute to reducing risks to achieving objectives to acceptable levels.
Principle 12: Implementation through Policies and Procedures: The organization* carries out control actions through policies that establish expectations and procedures that implement the policies.
*Organization: In the context of the Framework, when defining the principles, the word “organization” includes the board of directors, management, and other personnel. Generally, the board of directors functions as the oversight body under this term.
Bu gönderi şu adreste de mevcuttur: Türkçe