Integrity controls: hashing (detect changes), digital signatures (verify authenticity + integrity), FIM (File Integrity Monitoring), version control, database constraints, input validation, WORM storage.
Integrity = prevent unauthorized modification. CIA triad. Threatened by: malware (modifying files), man-in-the-middle (modifying data in transit), insider sabotage, software bugs. TLS provides integrity in transit. FIM provides integrity at rest. Digital signatures provide non-repudiation.