The KPIs are as follows:
- Authentication: Correct identification of parties attempting to access systems and protection of systems from unauthorized parties
- Authorization: Mechanism required to authorize users to perform different functions within the systems
- Encryption (data in flight and at rest): All external communications between the application data server and clients must be encrypted
- Data confidentiality: All data must be protectively established, secured and archived
- Compliance: The process to confirm system compliance with the organization's security standards and policies