Automated information systems security

1. Measures and controls that ensure confidentiality, integrity, and availability of the information processed and stored by automated information systems.

Note 1: The unauthorized disclosure, modification, or destruction may be accidental or intentional.

Note 2: Automated information systems security includes consideration of all hardware and software functions, characteristics and features; operational procedures; accountability procedures; and access controls at the central computer facility, remote computer, and terminal facilities; management constraints; physical structures and devices, such as computers, transmission lines, and power sources; and personnel and communications controls needed to provide an acceptable level of risk for the automated information system and for the data and information contained in the system. Automated information systems security also includes the totality of security safeguards needed to provide an acceptable protection level for an automated information system and for the data handled by an automated information system.

2. In INFOSEC, synonym computer security.

Source: from Federal Standard 1037C