CIA Triad also the basis for our ethical behavior


The CIA Triad forms the core principles of information security: confidentiality, integrity, and availability. These principles govern how information and systems should be designed and managed.

The CIA Triad also applies to our professional behavior as information security professionals.

Confidentiality

We are obligated to keep many secrets – corporate secrets, staff secrets, and personal secrets. We must keep this confidential information under wraps and earn the trust of employers, colleagues, and regulators every day.

Integrity

We must act with integrity. We must develop sound policies and uphold them without bias. We must point out errors and misdeeds, dispassionately and objectively, in order to uphold the common good. We must seek out and defend the truth in all situations we find ourselves in.

Availability

Even when we may feel too weary to do so, we should be available for consultation to our employers and our colleagues. There are too few data security professionals, and our counsel is needed often, especially when the advice that is sought has high-value outcomes.

Being available means we must manage our time well, to ensure that we are working on the truly important tasks and not merely the urgent ones. Risk professionals are influencers, and we must be sure to influence outcomes in situations that really matter.
