Access control The means to ensure that access to assets is authorised and restricted on business and security requirements. 
Asset Any item that has value to the organisation.  Assets may be tangible, such as network equipment, systems, etc. or intangible, such as software or intellectual property.
Attack An attempt to destroy, expose, alter, disable, steal or gain unauthorised access to or make unauthorised use of an asset. 
Audit The systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled. 
Authentication The provision of assurance that a claimed characteristic of an entity is correct.