Guest
Template content
What’s the meaning of Necessary manual controls that exist in Appendix Specification of Information System Requirements document and it’s a mandatory or not?
Assign topic to the user
Expert
Rhand Leal
Jan 01, 2019
Answer:
In the "Necessary manual controls" field you must list all controls identified as applicable that for any reason you cannot integrate in the information system you want to protect. For example, if you cannot perform automated output validation and this is a system security requirement, then you should implement it manually.
It is not mandatory to fill in the "Necessary manual controls" field if all required controls can be automated into the information system.
Comment as guest or Sign in
Jan 01, 2019
Jan 01, 2019
Jan 01, 2019