Unit 3 Listen and Read:
Information security (infosec)
A security audit may be conducted to evaluate the organization's ability to maintain secure systems against a set of established criteria. Jobs within the information security field vary in their titles, but some common designations include IT chief security officer (CSO). Information security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Typically, this group is led by a chief information security officer. These objectives ensure that sensitive information is only disclosed to authorized parties (confidentiality), prevent unauthorized modification of data (integrity) and guarantee the data can be accessed by authorized parties. Information security processes and policies typically involve physical and digital security measures to protect data from unauthorized access, use, replication or destruction. Infosec responsibilities include establishing a set of business processes that will protect information assets regardless of how the information is formatted or whether it is in transit, is being processed or is at rest in storage.