when possible , operations controls should be invisible, or transparent, to users, this keeps users from feeling hampered by security and reduces their knowledge of the overall security scheme, thus further restricting the likelihood that users will violate system security deliberately
在可能的情况下,业务控制应该看不见或透明对用户来说,这样可以使用户感觉受到安全,并降低他们对全面的安全计划的知识,从而进一步限制用户故意违反系统安全的可能性。
The goal of change management is to ensure that any change does not lead to reduced or compromised security
change management 的目标是确保改变不会导致安全的减少和削弱
compromise-- verb , weaken(a reputation or principle) by accepting standards that are lower than is desirable
key element of an audit report include the purpose , scope ,and results of the audit.
审计报告的目的,范围,和审计结果 构成了审计的基本元素。
博文
没有评论:
发表评论