A compensating control is a security measure that acts as an alternative to the primary control to mitigate risks. It is designed to address a specific vulnerability or risk when primary controls are not feasible or sufficient. This may include additional monitoring, policy changes, or technical solutions.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are some examples of compensating controls?
Open an interactive chat with Bash
How do compensating controls differ from primary controls?
Open an interactive chat with Bash
In what situations might a compensating control be necessary?