Exam4Training

What is the impact of this action?

An employee of the organization accidentally deleted customers’ data stored in the database.

What is the impact of this action?
A . Information is not accessible when required
B . Information is modified in transit
C . Information is not available to only authorized users

Answer: A

Explanation:

According to ISO/IEC 27001:2022, availability is one of the three principles of information security, along with confidentiality and integrity1. Availability means that information is accessible and usable by authorized persons whenever it is needed2. If an employee of the organization accidentally deleted customers’ data stored in the database, this would affect the availability of the information, as it would not be accessible when required by the authorized persons, such as the customers themselves, the organization’s staff, or other stakeholders. This could result in loss of trust, reputation, or business opportunities for the organization, as well as dissatisfaction or inconvenience for the customers.

Reference: ISO/IEC 27001:2022 – Information security, cybersecurity and privacy protection ― Information security management systems ― Requirements

What is ISO 27001? A detailed and straightforward guide – Advisera

Exit mobile version