Security is the ability of an application to avoid malicious incidences and events outside of the designed system usage, and prevent disclosure or loss of information. Improving security increases the reliability of an application by reducing the likelihood of an attack succeeding and impairing operations. Adding security controls protects assets and prevents unauthorized access and manipulation of critical information. The factors that affect an application security are confidentiality and integrity. The key security controls used to secure systems are authorization, authentication, encryption, auditing, and logging.

Definition and monitoring of effectiveness in meeting the security requirements of the system, for example, to avoid financial harm in accounting systems, is critical. Integrity requirements restrict access to functionality or data to certain users, and protect the privacy of data entered into the software.

The following attributes are:

• Authentication: Correct identification of parties attempting to access systems and protection of systems from unauthorized parties
• Authorization: Mechanism required to authorize users to perform different functions within the systems
• Encryption (data at rest or data in flight): All external communications between the data server and clients must be encrypted
• Data confidentiality: All data must be protectively marked, stored, and protected
• Compliance: The process to confirm systems compliance with the organization's security standards and policies