Preventive Controls

Preventive controls are put in place to prevent disruptive events before their occurrence. For instance, the HVAC system is meant to prevent overheating equipment. Besides, business impact analysis identifies risks that require immediate mitigation thus improving security in return. In the business continuity plan for the financial organization, there are five preventive controls (Xin et al., 2019). The preventive controls include internal control systems, IT requirements, information security policy, change management, and IT controls (Clark, 2016). Proper implementation of the five measures will ensure that the BCP for the financial institution will achieve its aim of preventing disruptions from occurring and in case they occur it will ensure that operations continue in a time of disruptions and outages.

The financial institution should design and implement a comprehensive, efficient and effective internal control system that determines detective and preventive controls for risks associated with business and its core processes and minimizes operations risks and other risks (Xin et al., 2019). Internal control systems comprised of risk controls, business impact analysis, and risk identification/assessment (Clark, 2016). Business impact analysis is used to examine and measure the impact of a disruption and determines possible control measures and accountability. With the procedures in place, BIA outlines a framework to prevent occurrence threats (Oncioiu & IGI Global, 2019). Besides, risk controls are preventive measures that are aimed at reducing the damage and probability of occurrence of IT-related risks and operational risks. Risk controls, therefore, increases the resistance of an organization to threats and increases the reliability and robustness of its IT-related system and business operations (Allen & Derr, 2016). Lastly, risk identification/assessment is an internal control system that identifies and evaluates threats resulting from operational risks that can disrupt a business or its core processes and identifies critical business functions associated with the system. In conjunction with other risk categories, risk identification and assessments are performed to achieve optimal results. 

Don't use plagiarized sources. Get Your Custom Essay on
Preventive Controls
Just from $13/Page
Order Essay

Other than internal control systems, IT requirement is another preventive control. The financial institution must meet facility management services and IT system requirements to prevent threats that may occur due to failure to meet the set standards (Oncioiu & IGI Global, 2019). The IT requirements that need to be adhered to include those responsible for clearing services and requirements on the workplace and supporting services (Clark, 2016). Meeting IT requirements ensures that the system does not work beyond its capacity to an extent that its infrastructure is compromised and exposes it to risks.

Concerning information security policy, the financial institution should maintain a robust information security policy to protect the disclosure of information to unauthorized users and ensure integrity and data accuracy. Information system security should comprise of different aspects to ensure the business and its process are not affected (Xin et al., 2019). First, the general duties of chief technology officers and subordinates should be well defined to avoid conflicts associated with nuclide duties (Allen & Derr, 2016). Physical control, application/system rights management, mobile phones/tablets, clean desk policy, outsource of partners and service providers, computer and internet, and data security and protection should be addressed in information security policy (Oncioiu & IGI Global, 2019). As a result, every member and each stakeholder in the financial institution should adhere to the information security policy. Besides, the financial institution should ensure that its policy complies with the set standards and requirements. 

Change management is another important aspect of preventive controls because a change in IT systems and business-related operations increases the possibility of disruptions. As a result, the company should implement a change management procedure that outlines the responsibilities and roles of each worker (Clark, 2016). Also, procedures should be evaluated, approved, and tested.

IT control is a preventive control through integration with the general risk controls of the company. Thus, the financial institution should ensure periodical testing, security relates aspects and connectivity (Allen & Derr, 2016). Through the IT controls, the company can prevent disruptions before they occur.


Allen, G., & Derr, R. (2016). Threat assessment and risk analysis: An applied approach.

Clark, R. (2016). Business Continuity and the Pandemic Threat. Ely: IT Governance Publishing. 

In Oncioiu, I., & IGI Global, (2019). Network security and its impact on business strategy.

Xin, M., & Choudhary, V. (April 01, 2019). IT Investment Under Competition: The Role of Implementation Failure. Management Science, 65, 4, 1909-1925.

Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
The price is based on these factors:
Academic level
Number of pages
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more
Live Chat+1(978) 822-0999EmailWhatsApp

Order your essay today and save 20% with the discount code LEMONADE