Basic diagram for an AIC classification, for a project this diagram can be extended with the implication for the project of these security requirements

For some data entities access control (authorisation and authentication) or monitoring of use is needed. Take for example requirements that are placed on the access of confidential data. In the GBA there are multiple levels of confidentiality. As such queries of officials are logged and displayed to the civilian yet for investigating officers they are logged and not displayed.

Integrity means that information is reliable to the degree necessary Low (11) The unauthorized modification of information will do no or very little harm to TenneT as a company, and no harm to the continuous and secure supply of electricity to society Medium (I2) The unauthorized modification of information could clearly harm TenneT, but do no harm to the continuous and secure supply of electricity to society High (I3) The unauthorized modification of information could do considerable harm to TenneT, but not directly to the continuous and secure supply of electricity to society Very high (I4) The unauthorized modification of information could (very) seriously and acutely harm TenneT as a company and/or directly harm the continuous and secure supply of electricity to society

This means the prevention of the disclosure of information to unauthorised individuals and / or systems Low (C1) Unauthorized disclosure of information will do no or very little harm to TenneT as a company, and no harm to the continuous and secure supply of electricity to society Medium (C2) Unauthorized disclosure of information could clearly harm TenneT, but do no harm to the continuous and secure supply of electricity to society High (C3) Unauthorized disclosure of information could do considerable harm to TenneT, but not directly to the continuous and secure supply of electricity to society Very High (C4) Unauthorized disclosure of information could (very) seriously and acutely harm TenneT as a company and/or directly harm the continuous and secure supply of electricity to society

Availability means that information must be available when it is needed Low (A1) The disruption of access to or use of information will do no or very little harm to TenneT as a company, and no harm to the continuous and secure supply of electricity to society Medium (A2) The disruption of access to or use of information could clearly harm TenneT, but do no harm to the continuous and secure supply of electricity to society High (A3) The disruption of access to or use of information could do considerable harm to TenneT, but not directly to the continuous and secure supply of electricity to society Very High (A4) The disruption of access to or use of information could (very) seriously and acutely harm TenneT as a company and/or directly harm the continuous and secure supply of electricity to society