Ready to Start Your Career?

CISSP Study Guide: Defining Security Management

Cybrary's profile image

By: Cybrary

December 6, 2022

Security management concepts and principles are key components in a security policy and solution procedures. They contain important documents such as policies, practices, and guidelines that establish the framework for a secure information system. These documents present the organization’s information benefits and lay out its security procedures.

The main objectives and goals of security are defined within the CIA Triad, or three main security principles: confidentiality, integrity and availability. Security controls must acknowledge one or more of these three principles:

  • Confidentiality: The guarding of sensitive information through rigorous measures to prevent exposure or sharing of the information with unauthorized persons. Once the information is intentionally or unintentionally released, confidentiality is lost. Breaches of confidentiality include stealing files, shoulder surfing, or screen recording.
  • Integrity: The practice of maintaining data consistency and ensuring the information hasn’t been altered or compromised in any way. This process is applied to data in active use, data that is stored and data that’s transferred.
  • Availability: Allowance of data being accessed at any time by authorized persons.
Schedule Demo

Let's build your cybersecurity career together

Accelerate in your role, prepare for certifications, and develop cutting edge skills with the most in-demand training in the industry.

2,000+learning activities led by highly experienced cybersecurity professionals