LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

Swiss and EU data protection law breaks TOMs down into eight specific control areas. What are these eight controls, and what does each one protect?

The eight TOM controls cover every layer of data protection, from physical building access all the way to logical data separation.

The eight TOM controls as a serpentine grid (entry, login, data access, transfer, input, processor, availability, separation).

* The eight TOM controls as a serpentine grid. *

German Term English What It Covers
Zutrittskontrolle Physical Access Control Who can physically enter the building or data center.
Zugangskontrolle System Access Control Authentication: who can log into systems.
Zugriffskontrolle Data Access Control Authorization: who can access which specific data.
Weitergabekontrolle Transfer Control Securing data during transmission, audit logs.
Eingabekontrolle Input Control Tracking who creates, modifies, or deletes data.
Auftragskontrolle Processing Control Ensuring processors follow controller instructions.
Verfügbarkeitskontrolle Availability Control Backups, disaster recovery, uptime guarantees.
Datentrennung Data Separation Keeping data collected for different purposes apart.

Memory tip: The first three controls form a natural progression. First you enter the building, that's Zutrittskontrolle. Then you log into a system, that's Zugangskontrolle. Then you access specific data, that's Zugriffskontrolle. Physical access leads to system access leads to data access.

From Quiz: PRIVACY / TOM and OSINT | Updated: Jul 14, 2026