Security is concerned with the protection of information access, integrity, reliability and availability. The degree of protection required depends on the value of the information and this, in turn, dictate the security measures needed and afforded.

Information security is implemented by systems, policies, and procedures. Vulnerabilities in the systems present a threat to the information it protects, and if successfully exploited will result an impact. Measures intended to counteract against potential threats are called counter measures.

The purpose of a counter measure is to eliminate or reduce the likelihood or impact of a threat on an information asset. Thus, the objective of a Security Posture Assessment uncovers the potential threats to the information assets, and is therefore, an indispensable starting point in avoiding undesirable impacts. This is indispensable for organisations to require the highest possible assurance and confidence that their networks and systems are protected.