Question
You are an IT auditor trainee at an auditing firm. Cooper & Kumar, a large, publicly traded financial investment firm, is a client. Cooper & Kumar has 25 sites across the region, 2,000 staff members, and thousands of clients.
You recently assessed the company's overall security policy and related documents. One area that was lacking was a description of security controls that apply to data connections from outside the internal network, such as when clients access their investment accounts. Nina, your manager, suggests that you consult the latest versions of NIST SP 800-53 and NIST SP 800-53A as your primary resources to identify relevant controls and assessment objectives.
For this assignment:
Conduct research on applicable security controls and assessment objectives as described in NIST SP 800-53 and NIST SP 800-53A. For example, consider remote access, session termination, and transmission confidentiality and integrity.
Draft a memo to your manager regarding three different security controls that are applicable to the scenario, as well as related assessment objectives as stated in NIST SP 800-53A.
Cite your research properly.