What is a common control?

Prepare for the FISMA Interview Test. Get familiar with key topics and enhance your knowledge with flashcards and multiple-choice questions. Study effectively and be ready for your exam!

Multiple Choice

What is a common control?

Explanation:
A common control is a security control that is implemented at a higher level within the organization and is inherited by multiple information systems. Because it’s established once at the organizational or program level, several systems can share and rely on it, rather than each system creating its own separate control. This approach promotes consistency, reduces duplication, and simplifies assessment and monitoring across the enterprise. Examples include organization-wide security awareness training, a centralized incident response plan, or baseline configuration management that applies to many systems. The other ideas describe controls that are specific to a single system, optional, or limited to physical security, which do not capture the shared, cross-system nature of a common control.

