Impact

From CIPedia
Jump to navigation Jump to search

The term is strongly related to the term "Consequence" and further work is needed in order to distinguish between the two terms. The terms Severity or Effect are also used as a synonym.

Definitions

European Definitions

EU

Severity is the impact of the disruption or destruction of a particular infrastructure, with reference to (1) public effect (number of members of the population affected); (2) economic effect (significance of economic loss and/or degradation of products or services); (3) environmental effect; (4) political effects; (5) psychological effects; and (6) public health consequences. [1]


The strong and noticeable effect or influence on something or someone. In the context with CBRN often used to describe the effect of a CBRN release. [2]


ENISA

The result of an unwanted incident (refers to ISO/IEC PDTR 13335-1). [3]


Other International Definitions

CARICOM

Impact (Disaster Risk Context) is a sudden occurrence without prior warning. [4]


Impact (Results Based Context) is Positive and negative, primary and secondary longterm effects produced by a development intervention, directly or indirectly, intended or unintended. [5]


Intergovernmental Panel on Climate Change (IPCC)

(Climate Change Context) The term impact is used primarily to refer to the effects on natural and human systems of extreme weather events and of climate change. Impacts generally refer to effects on lives, livelihoods, health, ecosystems, economies, societies, cultures, services and infrastructure due to the interaction of climate changes of hazardous climate events occurring within a specific time period and the vulnerability of an exposed society or system. [6]


National Definitions

Argentina

Impacto: Es la acción directa de un suceso sobre la población y/o sobre sus bienes y/o el ecosistema, donde el daño que ocasiona; depende de las características del evento y de su vulnerabilidad. [7]


Impacto: Materialización del daño potencial implícito en una amenaza al hacer interacción con una población vulnerable. Momento en que una amenaza se manifiesta produciendo un evento adverso.

Impactos directos: Aquellos que mantienen relación de causalidad directa e inmediata con la ocurrencia de un fenómeno físico, representados usualmente por el impacto en las infraestructuras, sistemas productivos, bienes y acervos, servicios y ambiente, o por el impacto inmediato en las actividades sociales y económicas.

Impactos indirectos: Aquellos que mantienen relación de causalidad con los efectos directos, representados usualmente por impactos concatenados sobre las actividades económicas y sociales o sobre el ambiente. Normalmente los impactos indirectos cuantificados son los que tienen efectos adversos en términos sociales y económicos, por ejemplo, pérdidas de oportunidades productivas y de ingresos futuros, aumento en los niveles de pobreza, aumento en costos de transporte debido a la pérdida de caminos y puentes, etc. Sin embargo, también habrá casos de impactos positivos desde la perspectiva de individuos y empresas privadas quienes pueden beneficiarse de los impactos negativos en otros. [8]



Australia

Impact is a sudden occurrence without prior warning. [9]


Belgium

De impact zijn de gevolgen van een incident op een of meerdere activa (bijvoorbeeld persoonsgegevens die niet langer exact zijn). [10]



Brazil

Impacto: mudança adversa no nível obtido dos objetivos do negócio. [11]
Impact is the adverse change in the achieved level of business objectives.


Cape Verde

Impacto do desastre: Com base nos efeitos de desastre, é o impacto estimado sobre a economia (impacto macroeconómico e microeconómico na economia e na população afectada), e sobre o desenvolvimento humano. [12]



Colombia

Impacto: El cambio logrado con la implantación de una estrategia. Consecuencias que puede ocasionar a la organización, la materialización de un riesgo. [13]



Czech Republic

(1) Nepříznivá změna dosaženého stupně cílů. (2) Následky určitého činu nebo události. [14]

(1) Adverse change in the attained degree of objectives. (2) Consequenses of a certain act or event. [14]


El Salvador

Impacto: Consecuencia sobre un activo de la materialización de una amenaza. [15]



France

(Unofficial translation) Predictable effects of a successful attack on a target. They are estimated in terms of activities’ degradation for the country or of riskiness for the population.

The French original version is:

Impacts (ou conséquences dommageables): effets prévisibles d’une agression réussie sur une cible, estimés en termes d’atteinte aux activités du pays ou de danger pour la population. [16]


Impact: Conséquence directe ou indirecte de la non-réalisation des besoins de sécurité sur l’organisme et/ou sur son environnement. [17]

Impact: Direct or indirect consequences on the organisation and/or its environment of not addressing sensitivities. Examples: On the organisation’s activity; on individuals’ safety; financial, legal, image or environmental issues. [18]



Ireland

Impact is defined as the consequences of a hazardous event being realised, expressed in terms of a negative impact on human welfare, damage to the environment or the physical infrastructure or other negative consequences. [19]



(States of) Jersey

Impacts (Consequences, Outcomes): effects on natural and human systems.

Impact: effect on lives, livelihoods, health status, ecosystems, economic, social, and cultural assets, services (including environmental), and infrastructure due to the interaction of climate changes or hazardous climate events occurring within a specific time period and the vulnerability of an exposed society or system. [20]

Impacts are also referred to as consequences and outcomes. The impacts of climate change on geophysical systems, including floods, droughts, and sea-level rise, are a subset of impacts called physical impacts.

Madagascar

Affectés: Touchés d’une façon ou d’une autre par la catastrophe. [21]



Netherlands

Impact is gedefinieerd als de gevolgen van een bedreiging die zich manifesteert.

Impact is defined as the consequences of a threat which occurs.[22]


As part of the Methodology for National Risk Assessment (Dutch: NRB-methodiek), the Netherlands has defined a set of impact assessment criteria:

1. Territorial Security:
1.1 - infringement of the integrity of the Dutch territory;
1.2 - infringement of the integrity of the international position of The Netherlands
2. Physical Security:
2.1 - casualties;
2.2 - seriously wounded and chronically ill people;
2.3 - suffering of people (lack of primary supplies such as drinking water, food, medicine)
3. Economic Security:
3.1 - costs
4. Ecological Safety:
4.1 - long duration infringement of the environment and nature (flora and fauna)
5. Social and Cultural stability:
5.1 - disrupted daily life;
5.2 - infringement of the democratic constitutional state;
5.3 - social-psychological impact


Impact: De aantasting van belangen wanneer een cyberincident zich voordoet. [23]


Switzerland

Durch ein Ereignis entstehende Wirkung auf ein Schutzgut. [24]

Répercussion d‘un événement sur un bien digne de protection.[25]

È l’azione esercitata da un evento su un degno di protezione. [26]


United Kingdom (UK)

Impact is the scale of the consequences of a hazard or threat expressed in terms of a reduction in human welfare, damage to the environment and loss of security. [27]

For the approach of the UK regarding impact assessment, refer to Criticality Scale.

Impact in the context of climate change is an effect of climate change (eg flooding, rails buckling, etc.). [28]



United States

NIST
The effect on organizational operations, organizational assets, individuals, other organizations, or the Nation (including the national security interests of the United States) of a loss of confidentiality, integrity, or availability of information or an information system. [29]


Impact: The magnitude of harm that can be expected to result from the consequences of unauthorized disclosure of information, unauthorized modification of information, unauthorized destruction of information, or loss of information or information system availability. (from: NIST SP 800-34 Rev 1) [30]



Uruguay

Impacto significativo (significant impact): Serán impactos significativos para la comunidad: (1) Aquellos que puedan provocar riesgo de vida a personas, (2) Aquellos que afecten levemente a más de 500 ciudadanos, (3) Aquellos que provoquen al Estado Uruguayo una pérdida económica significativa, (4) Aquellos que deterioren la imagen de un organismo estatal. [31]



Standard Definitions

ISA-62443-*

Impact: evaluated consequence of a particular event. [32]



ISO/IEC 27000:2014

Adverse change to the level of business objectives achieved. [33]



ISO/PAS 22399:2007

evaluated consequence of a particular outcome. [34]



Other definitions

Ontario (Canada)

Impact is the negative effect of a hazardous incident on people, property, the environment, the economy and/or services.

Impact: répercussion négative d’un incident dangereux sur les personnes, les biens, l’environnement, l'économie ou les services. [35]



OWASP

Impact: A component of Risk, the impact describes the negative effect that results from a risk being realised. [36]

Example impacts include financial loss, legal and regulatory issues, brand and reputation damage, data loss, breach of contract, and so on. Impacts can be reduced as part of risk mitigation.

See also

Notes

References

  1. EC COM(2006) 787 final, Directive of the Council on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection, EC, Brussels 12.12.2006
  2. European Commission's CBRN Glossary, 2012
  3. ENISA Risk Glossary
  4. Caribbean Disaster Emergency Management Agency (CDEMA) Regional Comprehensive Disaster Management Strategy and Results Framework 2014-2024
  5. Caribbean Disaster Emergency Management Agency (CDEMA) Regional Comprehensive Disaster Management Strategy and Results Framework 2014-2024
  6. Mach, K.J., S. Planton and C. von Stechow (eds.). Climate Change 2014: Synthesis Report. Contribution of Working Groups I, II and III to the Fifth Assessment Report of the Intergovernmental Panel on Climate Change. Annex II: Glossary. [Core Writing Team, R.K. Pachauri and L.A. Meyer (eds.)]. IPCC, Geneva, Switzerland, pp. 117-130.
  7. Glosario Comites Emergencia Argentina
  8. SUBSECRETARÍA DE PROTECCIÓN CIVIL Y ABORDAJE INTEGRAL DE EMERGENCIAS Y CATÁSTROFES (1/2015)
  9. Australian Emergency Management Glossary, Emergency Management Australia (1998)
  10. [https://www.gegevensbeschermingsautoriteit.be/sites/privacycommission/files/documents/nota_beveiliging_van_persoonsgegevens.pdf Gegevensbeschermingsautoriteit]
  11. GUIA DE REFERÊNCIA PARA A SEGURANÇA DAS INFRAESTRUTURAS CRÍTICAS DA INFORMAÇÃO Versão 01 (Nov. 2010)/ ABNT NBR ISO/IEC 27005:2008: Tecnologia da Informação: Técnicas de Segurança: Gestão de Riscos de Segurança da Informação..
  12. Avaliação das Necessidades Pós- Desastre (PDNA) ERUPÇÃO VULCÂNICA NO FOGO 2014-2015, Cape Verde
  13. Glosario Policia Colombia
  14. 14.0 14.1 Výkladový slovník kybernetické bezpečnosti (2013)
  15. Glosario - Ministerio de Hacienda
  16. INSTRUCTION GENERALE INTERMINISTERIELLE RELATIVE A LA SECURITE DES ACTIVITES D’IMPORTANCE VITALE N°6600/SGDSN/PSE/PSN du 7 janvier 2014, PREMIER MINISTRE, SECRETARIAT GENERAL DE LA DEFENSE ET DE LA SECURITE NATIONALE, Direction Protection et Sécurité de l’Etat N° NOR: PRMD1400503J
  17. Méthode de classification et mesures principales, ANSSI (2014)
  18. Classification Method and Key Measures, ANSSI (2014)
  19. A FRAMEWORK FOR MAJOR EMERGENCY MANAGEMENT (APPENDICES)
  20. States of Jersey Future-proofing Jersey: Building Resilience for the 21st Century (2015)
  21. Stratégie Nationale de Gestion des Risques et des Catastrophes – Madagascar (2014)
  22. Zakboekje Preventie Cybercrime (2008
  23. Cyber Security Beeld Nederland 2020
  24. Glossar der Risikobegriffe, Bundesamt für Bevölkerungsschutz BABS, 29.4.2013
  25. Glossaire des risques, Office fédéral de la protection de la population, 29.4.2013
  26. Glossario sui rischi, Ufficio federale della protezione della popolazione UFPP, 29.4.2013
  27. Glossary - Revision to Emergency Preparedness, Cabinet Office (2012)
  28. The National Adaptation Programme: Making the country resilient to a changing climate, UK Government (2013)
  29. NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)
  30. NIST Glossary
  31. Glossary CERTuy
  32. ISA-62443 series
  33. ISO/IEC 27000:2014, Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
  34. ISO PAS 22399:2007: Societal security – Guideline for incident preparedness and operational continuity management, ISO, Geneva, Switzerland, 2007/2011
  35. Ontario English-French Emergency Management Glossary of Terms (2011)
  36. OWASP Glossary