CIA Integrity Risks

In the traditional CIA confidentiality, availability, integrity tech risk factors around information security/assurance, what are some examples of “integrity” risks? Confidentiality is pretty obvious – restrict access to sensitive data on a business need to know, availability I assume is linked with DDoS type attacks. But intergrity I am not to sure about, so in the context of business critical databases/services what are some integrity risks and subsequent controls?
LVL 4
pma111Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

xtermieCommented:
read here:
(1) http://en.wikipedia.org/wiki/Information_security
(2) http://it.med.miami.edu/x904.xml
where it reads:
Integrity:   Integrity refers to the trustworthiness of information resources.
It includes the concept of "data integrity" -- namely, that data have not been changed inappropriately, whether by accident or deliberately malign activity.  It also includes "origin" or "source integrity" -- that is, that the data actually came from the person or entity you think it did, rather than an imposter.
Integrity can even include the notion that the person or entity in question entered the right information -- that is, that the information reflected the actual circumstances (in statistics, this is the concept of "validity") and that under the same circumstances would generate identical data (what statisticians call "reliability").
On a more restrictive view, however, integrity of an information system includes only preservation without corruption of whatever was transmitted or entered into the system, right or wrong.

and read this for sure
(3) https://www.cia.gov/library/center-for-the-study-of-intelligence/kent-csi/vol41no5/pdf/v41i5a05p.pdf
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pma111Author Commented:
I'd read the wiki its management speak - I was hoping for some expert comments and real life examples
0
xtermieCommented:
ok, sorry...try reading the CIA PDF file
0
pma111Author Commented:
Will do thanks
0
ralmadaCommented:
The way I see this, is

1) Confidentiality: Is tied to who can read your data
2) Integrity: Who can make changes (write) to your data.

Adequate access controls is key to maintain confidentiality and integrity. But making changes to your data also requires an additional control and that is that unauthorized changes should be detected timely. That is where adequate logging and monitoring controls come into place.

Hope this is useful for you.

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.