2 REVIEW OF INFORMATION SECURITY FUNDAMENTALS
Having set the scene in terms of definitions, standards and guidelines, the time is right to take a brief look back at the fundamental concepts of information security, as it is these that will form the basis of the risk assessment process itself.
It is a widely held belief that the three main pillars of information security are confidentiality, integrity and availability, often referred to simply as ‘CIA’. Whilst this is essentially true, other properties also contribute: accountability, authenticity, non-repudiation and reliability all need to be considered along with the ‘main’ three.
Let us take a look at some definitions and explanations ...