The CIA triad — confidentiality, integrity, and availability — forms the foundation of every ISMS. Confidentiality ensures that information is accessible only to authorised parties. Integrity guarantees the accuracy and completeness of data. Availability means systems and data are usable when needed. Every security measure addresses at least one of these objectives. You assess the protection requirement of each asset against all three. In an ISMS they serve as the organising principle for risk analysis, control selection, and audit.