ACCT 3122 Chapter : Chapter 6

Its objectives coincide w/ those of infosec in general (to provide: confidentiality, integrity, & availability) The isms typically has the basic elements of any information system, such as hardware, databases, procedures, and reports. Isms is an icp & manages risk, tf it is part of the erm process. (erm=the process by which mgmt. balances risk v. opportunity) Confidentiality: preserving authorized restrictions on access and disclosure, including means for protecting personal privacy & proprietary info. Integrity: guarding against improper info modification or destruction, & ensuring info nonrepudiation and authenticity. Availability: ensuring timely and reliable access to and use of information. Information security protecting information to provide confidentiality, integrity, and availability. More specifically, protects info and info systems from unauthorized access, use, disclosure, disruption, modification, or destruction to provide: The term computer security is often used interchangeably w/ information security, but info sec is a much broader concept (deals w/ all info)