The University of SydneyPage 58Information Security Management–Managing information Systems security is about maintaining integrity of the three systems–Managing security is the implementation of a range of controls–Control= “the use of interventions by a controller to promote a preferred behavior of a system being controlled”–Technical control, e.g., limit access to computer rooms–Formal control, e.g., organisationalhierarchy–Informal control, e.g., information security awareness program