"The process of comparing actual performance with planned performance, analyzing variances, evaluating possible alternatives, and taking appropriate corrective action as needed." (Timothy J Kloppenborg et al, "Project Leadership", 2003)
"Comparing actual performance with planned performance, analyzing variances, assessing trends to effect process improvements, evaluating possible alternatives, and recommending appropriate corrective action as needed." (Cynthia Stackpole, "PMP® Certification All-in-One For Dummies®", 2011)
"Controls set out how you propose to stick to your plan in the face of the challenges of the real world, and what you will do when reality forces your project to deviate from plan." (Mike Clayton, "Brilliant Project Leader", 2012)
"The power to direct the management and policies of a business enterprise." (Mark L Zyla, "Fair Value Measurement", 2012)
"As per the IIA definition, any action taken by the management, the board, and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. Management plans, organizes, and directs the performance of sufficient actions to provide reasonable assurance that objectives and goals will be achieved." (Sally-Anne Pitt, "Internal Audit Quality", 2014)
"Controls can be strategic, tactical or operational. Strategic controls are very high level, such as risk avoidance, transfer, reduction and acceptance. Tactical controls determine a general course of action, such as detective, preventative, corrective and directive Operational controls determine the actual treatment, such as technical or logical, procedural or people and physical or environmental." (David Sutton, "Information Risk Management: A practitioner’s guide", 2014)
"Safeguards used to minimize the impact of threats." (Manish Agrawal, "Information Security and IT Risk Management", 2014)
"Actions or changes put in place to reduce a weakness or potential loss. A control is also referred to as a countermeasure." (Weiss, "Auditing IT Infrastructures for Compliance" 2nd Ed, 2015)
"Safeguard that is put in place to reduce a risk, also called a countermeasure." (Adam Gordon, "Official (ISC)2 Guide to the CISSP CBK" 4th Ed., 2015)
"Manual or automated mechanisms to ensure events or activities are tracked and potentially limited in their scope or impact." (Gregory Lampshire, "The Data and Analytics Playbook", 2016)
"A measure that is modifying risk." (ISO Guide 73:2009)
"Means of managing a risk, ensuring that business objectives are achieved, or ensuring that a process if followed" (ITIL)
No comments:
Post a Comment