Processes that guarantee the confidentiality and integrity of the organization’s data, information, and IT services, ensure periodic testing of security measures and manage security incidents by identifying intrusions.