The goal of information security is to ensure the safety of stored information. In order to characterize information security, the following three primary characteristics are defined as protection goals:

- Confidentiality is intending to ensure that the information can only be accessed by authorized processes and IT systems.

- Integrity ensures that the information cannot be manipulated. In particular, this means that the stored data has not been altered by unauthorized or unintentional manipulation.

- Availability specifies that the information is available in accordance with the university's compliance requirements.

The information can only be regarded as secure if its confidentiality, integrity and availability have been defined and can be guaranteed to the required extent (Brunnstein 2006, p.9). In addition to these three main characteristics of information security, other secondary characteristics are sometimes required (Gründer & Schrey 2007, p.12f):

- Traceability: Information can be bindingly assigned to a specific person or process.

- Authenticity: The identity of a person can be proven beyond doubt.

- Non-repudiation, that the information was sent for a specific purpose.

The extent to which the secondary characteristics need to be taken into account depends on the protection goals of a company (Pohlmann & Blumberg 2006, p.306).

https://www.grin.com/document/192088

The security of sensitive data and processes is becoming increasingly important. An optimal and reliable information security management system is therefore essential. The task of the information security officer is to ensure the Information Security of the university and to minimize potential risks.

To achieve this, we have developed a set of strategies and policies that affect all employees. These policies aim to ensure the security of sensitive data and protect the organization from potential damage.

The information security management system (ISMS) is a central component of our security strategy. It includes all the necessary measures, from risk assessment to the implementation of security measures. By continuously improving our ISMS, we can ensure that the University of Rostock is up to date.

The responsibility of the Information Security Officer is to monitor and implement security measures. He works closely with the various departments and faculties to help ensure that all employees have the necessary knowledge and skills to ensure the safety of the organization as a whole.