IT Examiner School - Oct 2025

Internal Use Only

Principles of Information Security

The CIA Triad

• Confidentiality. Only authorized entities, have access to the data. • Integrity. There are no unauthorized modifications of the data. • Availability. Authorized entities can access the data when and how they are permitted to do so.

Internal Use Only

4

Information Security Principles: Security vs. Performance

• Security. Security is a trade off in performance, useability, backward compatibility. • Balance. Companies must tradeoff and strike a balance between the amount of security, regulatory obligations and risk tolerance. • C-I-A. must be considered when applying the appropriate amount of security into an environment.

Security Performance