Information and Computer Systems Security
What is the difference between an information system and a computer system? An information system is a set of human and material resources whose objective is to produce and exchange the information necessary for the functioning and management of any organization, such as a company, a school or a library. A computer system is instead the automated part of a particular information system, in which information is collected and processed digitally with the use of computers. Therefore, an information system and a computer system are not exactly the same thing.
Corporate information security
When we talk about corporate information security and therefore, in general, information system security, we are referring to the so-called CIA triad. The CIA triad is embodied in the following concepts, which must be guaranteed by the system:
- confidentiality: only those who are authorized must be able to access information;
- integrity: information must not be damaged or modified, whether by accident or with malicious intent;
- availability: information must always be available to those who have the authorization to use it.
Guaranteeing the security of information systems therefore means preparing policies, processes, controls and countermeasures capable of countering threats that can compromise the confidentiality, integrity and availability of information. This applies regardless of whether IT tools are used to access the data.
Nowadays, however, the use of IT systems to manage information is increasingly widespread, and therefore it is also necessary to protect the data and business services provided with the support of the IT system. In fact, attacks by cybercriminals against companies and organizations are increasingly frequent. The branch that studies IT security is called cybersecurity in English.