the Control phase consists of managing investments while monitoring for results. Once the IT projects have been selected, senior executives periodically assess the progress of the projects against their projected cost, scheduled milestones, and expected mission benefits.
Source(s):
NIST SP 800-65 [Withdrawn] under Control

  The part of the ICS used to perform the monitoring and control of the physical process. This includes all control servers, field devices, actuators, sensors, and their supporting communication systems.
Source(s):
NIST SP 800-82 Rev. 2 under Control

  See security control and privacy control.
Source(s):
NIST SP 800-37 Rev. 2

  The means of managing risk, including policies, procedures, guidelines, practices, or organizational structures, which can be of an administrative, technical, management, or legal nature. An attribute assigned to an asset t hat reflects its relative importance or necessity in acheiving or contributing to the achievement of stated goals.
Source(s):
NIST SP 800-160 Vol. 2 from ISACA Glossary of Terms

  See security control or privacy control.
Source(s):
NIST SP 800-53 Rev. 5

  A measure that is modifying risk. (Note: controls include any process, policy, device, practice, or other actions that modify risk.)
Source(s):
NIST SP 1800-15B under Control from NISTIR 8053
NIST SP 1800-15C under Control from NISTIR 8053

  measure that is modifying risk. (Note: controls include any process, policy, device, practice, or other actions which modify risk.)
Source(s):
NISTIR 8053 from ISO/IEC 27000:2014