Information Security
Ensuring Confidentiality
Information security allows an organisation to establish, implement, maintain and improve the management of business systems by introducing effective policies, processes, security controls and countermeasures.
Legal, regulatory and contractual requirements increase regularly.
Organisations can manage these processes by implementing an information
security management system. There are a number of management frameworks that
support business activities including COBIT 5, ISO/IEC 27001 and NIST.
Information security uses risk management processes to identify threats and vulnerabilities. Security incidents and breaches can be managed effectively through the implementation of information security controls in an ISMS.