From the course: CISA Cert Prep: 1 Auditing Information Systems for IS Auditors

Internal objectives and controls

- [Instructor] Alright, let's talk about internal objectives and controls. So the primary security objectives are confidentiality, integrity, and availability. You might hear this referred to as the CIA triad or the AIC triad. Confidentiality is all about keeping something secret, preventing somebody from getting access to something. Integrity is all about keeping something from being modified in an unauthorized way. And availability is making sure that something is there when it needs to be or when it's desired to be accessed. Now the most common form of attack against availability is some kind of denial of service whether you're consuming too many resources and preventing somebody from getting access, or you're blocking access to it. That's a denial of service and that threatens or challenges something's availability. Now what's not necessarily as intuitive is when we talk about confidentiality and integrity. But I'll just give you this little hint. Whenever we're talking about…
