Control family

Definition

A grouping of related controls within a catalogue. NIST SP 800-53 uses 20 families identified by two-letter codes: AC (Access Control), AU (Audit and Accountability), IA (Identification and Authentication), IR (Incident Response), and so on. ISO 27002 groups its 93 controls into four themes: Organisational, People, Physical, and Technological.

Related terms

Control catalogue
A structured list of security controls, each with an identifier, a statement of intent, and (in detailed catalogues) implementation guidance. Examples include...
Crosswalk
A published table that aligns controls from two frameworks side by side to show which controls address the same security objective. NIST,...
Gap analysis
The process of comparing what a framework requires against what an organisation has actually implemented, to identify controls that are absent, partial,...
Implementation Group (IG)
A CIS Controls concept that divides the 153 safeguards across three tiers by organisational size and risk profile. IG1 (56 safeguards) covers...
Unified control mapping
An organisation-specific artefact that consolidates multiple crosswalks into a single table, adds columns for the organisation's own control implementations and evidence artefacts,...

Explained in

  • Mapping Controls Across Frameworks
