Acin Roundtables are held regularly and for Acin Network Members only. In this session the key discussion points included:
What makes a control “key”, and how does this link to risks, business/operating model and risk tolerance?
What is the right definition, architecture and attributes of a well-designed key control?
If key control inventories are primarily driven by key risks and individual organisations operating models, how dynamic is the list of key controls going to be, and what does this mean for the RCSA and other control processes?