org's policies and procedures,
controls, and related info tech
-> regarding the collection, use, storage,
usability, analysis, deletion,
safeguarding of data.
- data availability (protection from loss),
- integrity (protection from corruption),
- access (role-restricted access to sensitive org/
customer data),
- compliance with relevant laws and regulations
(privacy)