Control is an action or a mechanism put in place to manage a risk. It represents a decision-making step with accompanying decision logic used to determine execution approach for a process or to ensure that a process complies with governance criteria.
Accordingly to TOGAF, The highest level (typically) of description of an organization and typically covers all missions and functions. An enterprise will often span multiple organizations. In many cases it can referred as entire business of an organization.
Risk is an uncertain condition that can result in quantifiable damage, injury, liability, loss, or any other negative occurrence that is caused by external or internal vulnerabilities, and that may be avoided through preemptive action.