The information must be produced in a cost-effective manner
Efficiency
Sensitive information must be protected from unauthorized disclosure
Confidentiality
The information must be accurate, complete and valid
Integrity
The information must be available whenever needed
Availability
Controls must ensure complience with internal policies and with external legal and regulatory requirements
Compliance
Management must have access to appropriate information needed to conduct daily activities and to exercise its fiduciary and governance responsibilities