A state of being security and free from danger or harm. Also, the actions taken to make someone or something secure

Unsolicited commercial e-mail, typically advertising transmitted in bulk

Detailed statements of what must be done to comply with the policy

Types of malware that are capable of activation and replication without being attached to an existing program

An understanding of the potential consequences of a successful attack on an information asset by a threat

The probability that a specific vulnerability within an organization will be attacked by a threat

A determination of the extent to which an organization’s information assets are exposed to risk