A Common Control is a security control that can be implemented and inherited across multiple systems or solutions within an organization. It serves as a foundational element in managing security risks across various systems, allowing for consistent application and management of security measures. As an example, a common control within an information system could be the boundary protection services provided at the site or locations. The boundary protection can provide services to any of the applications within the boundary of the site, so that each independent information system does not have to provide their own independent boundary protection services, nor does the boundary protection have to be assessed as part of the information system being implemented. The information system ‘inherits’ the protection of the boundary. Title: A Common Control is a security control that can be implemented and inherited across multiple systems or solutions within an organization. (Common Control)
Applicability: Applicable in standardizing and implementing security controls across multiple systems.