The 6 A’s of Security are the “glasses” through which Enterprise Security and Disaster Recovery views all of our processes, procedures, policies and services that we offer to the State of Michigan. Brief descriptions are provided below.

1. Administration – The development and publication of security policies, standards, procedures, and guidelines, the screening of personnel, security awareness training, the monitoring of system activity, and change control procedures.
2. Authentication – The process of identifying some subject or object, which can be checked and verified. Due to their characteristics, it is usually differentiated between the authenticity (integrity) of a message or file and the authenticity of a transaction.
3. Audit – An independent examination of a work product or set of work products to assess compliance with specifications, standards, contractual agreements, integrity, or other criteria.
4. Access Control - Protection of system resources against unauthorized access; a process by which use of system resources is regulated according to a security policy and is permitted by only authorized entities.
5. Assessment – The method of identification of risks and assessing the possible damage that could be caused in order to identify appropriate security safeguards.
6. Authorization - The process of determining what types of activities are permitted. Usually, authorization is in the context of authentication. Once you have authenticated a user, the user may be authorized different types of access or activity.