Availability is one of the three classic information security objectives (alongside confidentiality and integrity). It ensures that systems, services, and data are accessible when authorized users need them. In an ISMS, you define availability requirements through service level agreements and recovery objectives (RTO/RPO). Technical measures include redundancy, backups, UPS systems, and load balancing. ISO 27001 requires that availability risks be systematically assessed and treated.