Which term describes the set of controls that administer an organization's assets and personnel, including policies, procedures, standards, baselines, and guidelines established by management?

In governance-driven security, the controls that shape how the organization is run to protect assets and people come from management’s direction. This collection includes the policies, procedures, standards, baselines, and guidelines that management establishes to set expectations, direct behavior, and provide a consistent way to operate securely. Because these elements are created and enforced by management to govern the entire security posture, they are described as management controls. (Some frameworks refer to the same concept as administrative controls, but the wording here points to the management control concept.) The broader, ongoing governance focus distinguishes these from narrower, topic-specific policies or technical controls.