Information Security Handbook Glossary 2009 (†486)"Glossary of Information Security Terms." Information Security Handbook (ISMRC, 2009).
- confidentiality : The ability to limit access to authorized individuals. Used interchangeably with privacy when referring to personal or customer data. Confidentiality is achieved through the use of access controls, encryption, "know-your-customer" procedures, etc. (†737)
- operational risk : The risk of loss to the business from operations and technology functions based on the failure of people, processes or systems or from external events (fires, storms, earthquakes, etc.). Operation risk includes such disciplines as information security, business continuity planning, records management and operational controls. (†738)