Security Information System

Once the risks identified, it is desirable to determine the security objectives. These objectives are an expression of intent to counter identified risks and / or to comply with organizational security policies. A goal can be on the target system, its development environment or operating environment

The security of information systems (ISS) is the set of technical, organizational, legal and human resources needed and put in place to conserve, restore, and ensure the security of information systems.