Which of the following is not one of the types of controls?

The correct answer is transitional. In the context of cybersecurity and risk management, controls are typically categorized into three main types: physical, technical, and administrative.

Physical controls refer to the tangible measures implemented to protect assets, such as locks, surveillance cameras, or security guards. These controls are crucial in securing physical access to facilities and equipment.

Technical controls, on the other hand, involve the use of technology to safeguard systems and data. Examples include firewalls, encryption, and intrusion detection systems. These controls are essential for securing the information within IT environments.

Administrative controls encompass policies, procedures, and practices established by an organization to manage security risks. This can include employee training, incident response plans, and compliance measures that help guide behavior and enforce security standards.

Transitional controls do not exist within the standard framework of control types and therefore is not recognized as a category in security management practices. Understanding these three established types of controls helps organizations effectively protect their assets against various threats.