The Principles

The information security management system preserves the confidentiality, integrity and availability of information by applying a risk management process and gives confidence to interested parties that risks are adequately managed.

It is important that the information security management system is part of and integrated with the organization’s processes and overall management structure and that information security is considered in the design of processes, information systems, and controls. It is expected that an information security management system implementation will be scaled in accordance with the needs of the organization.

CIA Venn Diagram

Confidentiality
The property of ensuring that information entrusted to you is not made available or disclosed to unauthorised individuals, entities or processes.

Integrity
The property ensuring the protection of the accuracy and completeness of information entrusted to you.

Availability
The property of ensuring that the information entrusted to you is accessible and usable upon demand by any authorised entity.