Each IT component has its own task to perform in terms of complying with the requirements of privacy, integrity, availability and reliability. Plain belief in the security properties of IT components is not enough when it comes to processing, transmitting or storing sensitive information. In such cases, trust must take the place of belief; it must be able to be measured and verified so as to create an objective quality feature like security.