Availability
The principle that information and systems are accessible and usable when needed by authorized users. Availability ensures that security measures protect data without making it unreachable.
Why it matters
Perfect confidentiality and integrity are trivial to achieve if you simply disconnect everything. Availability is the counterbalance: systems must remain operational for the business to function. A ransomware attack that encrypts your data, a DDoS attack that takes down your services, or a misconfigured firewall that blocks legitimate users are all availability failures. Regulations like NIS2 and DORA explicitly require availability management because service disruption in critical sectors has societal impact.
In practice
Availability controls include redundancy, failover mechanisms, backup and recovery procedures, capacity planning, and DDoS protection. Business impact analysis determines the required availability levels per system, expressed as recovery time and recovery point objectives. In vucavoid, availability requirements are tracked through baselines and linked to the IT assets and processes they protect. Business criticality ratings ensure high-availability systems receive proportional protection.