A company's management aims to ensure employees know how to securely handle customer information to meet compliance requirements. Which of the following control types would BEST address this need?
Implementing security policies and guidelines is an example of a directive control. Directive controls are designed to provide instructions and expectations to employees, guiding their actions to comply with security requirements. Installing security cameras is a physical deterrent control, deploying network firewalls is a technical preventive control, and using data encryption tools is also a technical control. While these controls enhance security, they do not directly instruct employees on proper procedures.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are directive controls?
Open an interactive chat with Bash
How do security policies help with compliance requirements?
Open an interactive chat with Bash
What are the differences between directive, technical, and physical controls?