This document discusses information security and is submitted by Suraj, Shweta, Shreesha, Khusboo, and Pooja to their professor. It defines information security and covers principles of confidentiality, integrity, and availability. It describes types of threats like human errors, environmental hazards, and computer crimes. It also discusses types of risks to hardware, applications and data, and online operations. Various controls are outlined including common, information system, procedural, and facility controls.