There are three objectives of computer application security, corresponding to the three direct negative effects on computerized data that they seek to overcome. Each specific application must be analyzed to determine the appropriate level of each of the three objectives.

Data Integrity

The data is the same as the original input source and/or has been computed and maintained accurately. This objective protects against either accidental or purposeful modification or destruction of data (or programs).

Data Confidentiality

The data is held in confidence and is protected from unauthorized disclosure. This objective protects against either accidental or purposeful disclosure of data to unauthorized persons.

Data and System Availability

Authorized users can obtain the required data and system services in a reasonable period of time. This protects against lack of access (or too slow access) to data, programs, and other system resources when required by authorized system users.

Source: Fundamentals of Computer Fraud. (1999). Austin, TX: Association of Certified Fraud Examiners.