Risk is the level of exposure to some event that has an effect on an asset.
A threat is any action, either natural or human-induced, that could damage an asset.
A vulnerability is a weakness that allows a threat to be realized or to have an effect on an asset.
An information system is hardware, OS, and application software that work together to collect, process and store data for individuals and organizations.
Security is the state of being free form danger or risk.
Information systems security is the collection of activities that protect the information system and the data stored in it.
The three tenets of information security are confidentiality, integrity, and availability.
Confidentiality means only authorized users have access to information.
Availability means information must be available when needed by authorized users.
Integrity means information cannot be altered without authorization.