IT Examiner School - Oct 2025

Internal Use Only

CIA Control Table - Integrity

|  | Preventative | Detective | Corrective |
| --- | --- | --- | --- |
| Administrative | • Duty Segregation • Background Checks and Effective Hiring Practices • Controlled Off-Boarding • Change Management Policy | • Security Review Policy • Security Procedures • Job Rotation | • Incident Response Plan (IRP)/Procedures • IRP Testing Simulations |
| Physical | • Control Totals • Checklists • Dual Controls | • Reconciliation • Control Total Verification | • Incident Response Team • Reject Re-Entry |
| Technical | • Digital Signatures • Patch Management • Anti-Malware Software • Firewalls | • IDS/IPS • Checksums • Hash Comparison | • Platform Restore • Data Integrity Verification and Testing • Operating System Updates |

CIA Control Table - Availability

Preventative

Detective

Corrective

• Strategic Planning • Business Continuity (BC)/ Disaster Recovery (DR) Planning • Business Resiliency Planning

• BC/DR Planning Tests • Continual Monitoring Enabled

• DR Procedures • Emergency Procedures

• Logging Configuration • Regular Log Reviews

Administrative

• Fire Suppression • Back-Up Media • Uninterruptible Power Supply (UPS) • Generator • Data Vaulting • Failover Configurations • Redundancy Arrays (RAID, Mirroring, Virtual Snapshots, etc.)

• Smoke Detectors • Water Detectors • Video Surveillance • Motion Detectors

• BC Planning Recovery Team • IRP Team • Off-Site Storage/Backups

Physical

• Anti-Malware Software • System Performance Monitoring

• Failover Systems • Load Balancing

Technical
