The Security Risk level of a system is a combination of the importance of maintaining:
- The Availability of that system.
- The Integrity of data housed on or managed by that system.
- The Confidentiality of sensitive information stored on that system.
These form three axes of a three-dimensional space. Every computer system occupies some point in that space. It is prudent to implement Security measures on each system appropriate to its location in the Security Risk space.