Which of the following is NOT a component of information security?

In the context of information security, the main components to consider are confidentiality, integrity, and availability, often referred to as the CIA triad. Confidentiality focuses on ensuring that sensitive information is not accessible to unauthorized users. Integrity involves maintaining the accuracy and completeness of data, ensuring it has not been tampered with or altered in an unauthorized way. Availability ensures that information and resources are accessible to authorized users when they need them.

Profitability, on the other hand, does not directly relate to the core principles of information security. While organizations may consider the profitability of their operations, this concept pertains more to financial performance and business success rather than the protection of information assets. Thus, profitability is not recognized as a fundamental component of information security frameworks such as ISO 27001.