This means that the information is accessible to those authorized to view or modify it.

• 35 minutes

DSE Display Screen Equipment

Do you ever get aches, pains, eye strain or headaches after work? Your display screen equipment and workstation may not be set up correctly.

Our Display Screen Equipment (DSE) online course explores how to set up your workstation to avoid health and safety issues. It covers the relevant legislation, the importance of good posture, and exercises to prevent musculoskeletal problems, aches and pains.

• 35 minutes

• 5 minutes

Commercially Sensitive Information

This online training course is the fourth in our ‘Take 5’ series of courses on anti-trust and has been designed to maximise learner engagement and knowledge retention.

In this course, learners will gain a general awareness of the different types of commercially sensitive information, how to recognise it, and how to respond if they see or hear commercially sensitive information.

The leaner will take on the role of an employee running a stand at a trade exhibition showcasing the company’s products to potential customers. During their day, they are presented with a series of situations where they will encounter potentially competitively sensitive information and will be asked to identify whether the information is commercially sensitive.

This course will improve learner awareness of commercially sensitive information and know how to make the right decisions to minimise the risk.

• 5 minutes

Learn more

• 45 minutes

Information Security Essentials

With so much important information now held in digital form, information security has become an issue that no organisation can afford to ignore. The scale of the threat can’t be overstated: in a recent survey, more than 90% of organisations said that they’d suffered some form of cyber security incident in the previous year.

This is where our Information Security Essentials eLearning course can help. It’s been designed to provide your staff with an understanding of the main cyber security threats and the practical things they can do to counter them. By taking this course learners can help to ensure everyone in your organisation know how to protect the confidentiality, integrity and availability of the information they work with.

• 45 minutes

Learn more

• 15 minutes

Information Security Diagnostic Assessment

This online training course is designed to test learner’s knowledge on key topic areas of information security principles and best practice.

An AI-powered assessment, it measures the learner’s understanding of the topic and offers follow up microlearning training designed to fill gaps in knowledge. Available as xAPI courses on Astute LXP, the Diagnostic Assessment utilises the auto enrol functionality of Astute’s powerful AI engine.

A unique, innovative solution, the Diagnostic Assessment is ideal for evaluating individual training needs for each employee and saving time on unnecessary training.

  A condition that results from the establishment and maintenance of protective measures that enable an organization to perform its mission or critical functions despite risks posed by threats to its use of systems. Protective measures may involve a combination of deterrence, avoidance, prevention, detection, recovery, and correction that should form part of the organization’s risk management approach.
Source(s):
NIST SP 800-172
NIST SP 800-172A
NIST SP 800-37 Rev. 2
NIST SP 800-53 Rev. 5 from CNSSI 4009-2015
NIST SP 800-53A Rev. 5 from CNSSI 4009-2015
NIST SP 800-171 Rev. 2 from CNSSI 4009

  A condition that results from the establishment and maintenance of protective measures that enable an enterprise to perform its mission or critical functions despite risks posed by threats to its use of information systems. Protective measures may involve a combination of deterrence, avoidance, prevention, detection, recovery, and correction that should form part of the enterprise’s risk management approach.
Source(s):
CNSSI 4009-2015
NIST SP 800-12 Rev. 1 under Security from CNSSI 4009
NIST SP 800-160 Vol. 2 Rev. 1 from CNSSI 4009-2015, NIST SP 800-37 Rev. 2

  Protection against intentional subversion or forced failure. A composite of four attributes – confidentiality, integrity, availability, and accountability – plus aspects of a fifth, usability, all of which have the related issue of their assurance.
Source(s):
NIST SP 800-160 Vol. 2 Rev. 1 from ISO/IEC/IEEE 15288:2015

  Freedom from those conditions that can cause loss of assets with unacceptable consequences.
Source(s):
NIST SP 800-160 Vol. 2 Rev. 1
NIST SP 800-160v1r1

  Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide— (A) integrity, which means guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity; (B) confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and (C) availability, which means ensuring timely and reliable access to and use of information.
Source(s):
NIST SP 800-66 Rev. 1 under Security from 44 U.S.C., Sec. 3542

  The combination of confidentiality, integrity and availability.
Source(s):
NISTIR 5153 under Security from DoD 5200.28-STD

  the preservation of confidentiality, integrity and availability of information. NOTE In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be relevant. A.    Integrity, property of protecting the accuracy and completeness of assets; B.    Confidentiality, property that information is not made available or disclosed to unauthorized individuals, entities, or processes; C.    Availability, property of being accessible and usable upon demand by an authorized entity.
Source(s):
NISTIR 8074 Vol. 2 under Security

  The state in which the integrity, confidentiality, and accessibility of information, service or network entity is assured.
Source(s):
NISTIR 4734 under Security

  refers to information security. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide: A.    Integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity; B.    Confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and C.    Availability, which means ensuring timely and reliable access to and use of information.
Source(s):
NISTIR 8074 Vol. 2 under Security from PL 107-347

What ensures that information is accessible only to those authorized to have access?

Which element of the information security assures that information is accessible only to those authorized to have access?

What is availability in information security?

What refers to protection of information from being modified by an Authorised party?