Administrative Defined Process PCI DSS Reporting Respond Administrative controls Detective controls Perform Risk tolerance Entity Level Control Examination Adverse Opinion Application Control Audit Risk Availability Avoidance Security (Common Criteria) Service Organizations Standard of reference Physical Physical controls Plan Financial Financial audits Preventative controls Technical Baseline Technical controls Breakdown Financial Reporting Follow-Up HIPAA Security Rule Inherent Risk Testing Transfer Collusion Confidentiality Control Risk Processing Integrity Qualified Opinion Quality audits Regulatory Modified Opinion NIST 800-53 Initial/ Ad Hoc Unqualified Opinion Compliance with Laws/Regulations Interviewing Corrective controls ISO 27002 Non-existent Legal Privacy Operational Efficiency & Effectiveness IT General Control Observation Managed and Measurable Mitigation Management Override Judgement Operational audits QUESTION 17 Match the control type to its definition: (word bank) _are the mechanisms, including technologies, operational procedures, and resources-implemented and maintained by an organization to achieve its control objectives