Target State

Target state is a general term used in technology to describe a future state in which specific goals and objectives have been achieved. It is the state you want the system to be in. In security policy terms, this future state generally describes which tools, processes, and resources (including people) are needed to achieve the goals and objectives. So, describing policy in terms of goals and objectives is important to get agreement on the target state.


Threat vector is a general information security term to describe a tool or path by which a hacker can gain unauthorized access. For example, accessing a website through the ...

Get Security Policies and Implementation Issues, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.