Information is secure to the extent that the requirements for its authorization, authenticity, confidentiality, integrity, non-repudiation and availability have been satisfied.
Using firewalls and virus protection software to protect its system from the introduction of unauthorized or harmful software, data or other material in electronic form.
Using effective encryption including both maintaining the privacy and security of transmissions through authorization of decryption keys, and preventing the misused of encryption technology.
Controls over the development and implementation of systems used to support e-commerce activities.