Term:Compensating Controls

From FISMApedia
Jump to: navigation, search

NIST IR 7298

Compensating Controls - The management, operational, and technical controls (i.e., safeguards or countermeasures) employed by an organization in lieu of the recommended controls in the low, moderate, or high security control baselines, that provide equivalent or comparable protection for an information system. SOURCE: FIPS 200