You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In Risk Management, we occasionally need to apply tailored controls or compensating mechanisms that achieve or partially meet the desired outcome. This could be the result of technical limitations, design, or other factors that impact or block security outcomes.
In the course of this group's work, should we consider development of guidance for adopters where projects, by design or technical limitation, cannot provide metadata to align with the metric? Should we guide projects on compensating mechanisms that offset risk their project may present to potential adopters?
The text was updated successfully, but these errors were encountered:
In Risk Management, we occasionally need to apply tailored controls or compensating mechanisms that achieve or partially meet the desired outcome. This could be the result of technical limitations, design, or other factors that impact or block security outcomes.
In the course of this group's work, should we consider development of guidance for adopters where projects, by design or technical limitation, cannot provide metadata to align with the metric? Should we guide projects on compensating mechanisms that offset risk their project may present to potential adopters?
The text was updated successfully, but these errors were encountered: