Ace the CISM Challenge 2025 – Become a Cybersecurity Superstar!

Question: 1 / 400

Which of the following is a core principle of an information security program?

Accountability

Cost-effectiveness

Confidentiality, Integrity, and Availability

The choice of confidentiality, integrity, and availability accurately reflects the core principles of an information security program, commonly referred to as the CIA triad. These principles are fundamental to ensuring that information remains secure throughout its lifecycle.

Confidentiality ensures that sensitive information is only accessible to those who have the appropriate authorization, protecting it from unauthorized access and disclosure. Integrity refers to the accuracy and reliability of data, ensuring that it is not altered or tampered with by unauthorized individuals. Availability guarantees that information and resources are accessible to authorized users when needed, which is crucial for maintaining business operations and services.

These three principles provide a comprehensive framework for evaluating and implementing security controls, risk management processes, and response strategies within an organization. Understanding and adhering to the CIA triad is essential for developing effective security policies and practices that protect information assets from various threats.

The other choices prioritize different aspects of management or operational efficiency, but they do not encapsulate the overarching principles that underpin an effective information security program in the same way that the CIA triad does.

Integration of business processes
