Access controls are also important because it is not always possible to encrypt all confidential information while it is stored. In such cases, strong authentication techniques are necessary to ensure that only authorized individuals have access to the information. In addition, strong authorization controls should be used to limit the actions (read, write, change, delete, copy, etc.) that authorized users can perform when accessing confidential information.
It is also important to Control access to system outputs. Useful control procedures for doing so include the following.