02_StatementOfControlObjectives

** __ Security Information Management  __ ** ** Control Objective ** – To control access to the Information Systems to prevent unauthorized use and restrict authorized use which, if not properly controlled, could compromise the Information System and the data stored within the system. (not sure the highlighted part is needed for the objective that seems to be something that would go in the Adverse Impact column). ** Control Objective ** – To ensure proper controls are in place to safeguard assets and prevent, detect and eliminate fraudulent activity and ensure data and system availability to allow the information systems to fully support the organizations objectives. ** __ Firewall Management, Intrusion Detection, Intrusion Prevention  __ ** ** Control Objective ** – To ensure updated security techniques (i.e. firewall, intrusion detection) are in place and functioning as intended to protect the Information System. ** Control Objective ** – To ensure preventative, detective and corrective measures are in place and working as they are intended to protect the Information System from any intrusion.
 * __ Control Objectives :  __ **