ISO/IEC 27001 focuses on the core principles of the CIA triad:
• Confidentiality: Ensuring information is accessible only to authorized individuals.
• Integrity: Maintaining the accuracy and completeness of information, protecting it from unauthorized modification.
• Availability: Information should be accessible to authorized users when needed (this is also important, but not one of the choices in this specific question).
References:
• ISO/IEC 27001:2022, Section 4.2 (Understanding the needs and expectations of interested parties): This section highlights the importance of determining relevant interested parties and their requirements related to information security, which includes addressing confidentiality, integrity, and availability.
• PECB Candidate Handbook, ISO/IEC 27001 Lead Auditor: This handbook often emphasizes the foundational role of the CIA triad within an effective Information Security Management System (ISMS).