- Information must be kept confidential, it must not be disclosed to people or ententes who do not need or should not have the information
- Information must be kept accurate and reliable
- Information must be available to those who need it and have rights to it, when they need it.
- A vulnerability is the lack of a countermeasure or a weakness in a countermeasure.
- A entity that takes advantage of a threat.
- A threat is any exploitation that takes advantage of a Vulnerability.
- The likelihood that a vulnerability will be taken advantage of and the associated business impact.
- A counter measure put in place to mitigate the Risk (though not necessarily the vulnerability).
- The damage that a vulnerability exposes a organization or person to.