Information security is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Infosec responsibilities include establishing a set of business processes that will protect the confidentiality, integrity and availability of information assets regardless of the format or whether the information is in transit, is being processed or is at rest in storage. An Information security practitioner requires a good grounding in international best practices for Infosec and audit governance as well as General IT governance – ISO27001, ISO 27002, ITIL and COBIT.