Existing Citations

  • adequate security (p. 6): It is incumbent upon the organization to implement its directives in a manner that provides adequate security for protecting information and information systems. As threats continue to evolve in an environment where organizations have finite resources with which to protect themselves, security has become a risk-based activity where the operational and economic costs of ensuring that a particular threat does not exploit a vulnerability are balanced against the needs of the organization’s mission and business processes. (†1679)